Information Security Governance Papers

Paper Title INFORMATION SECURITY GOVERNANCE: A CALL TO ACTION
The Abstract of The Paper The road to information security goes through corporate governance. America cannot solve its cyber security challenges by delegating them to government officials or CIOs. The best way to strengthen US information security is to treat it as a corporate governance issue that requires the attention of Boards and CEOs. The Corporate Governance Task Force was formed in December 2003 to develop and promote a coherent governance framework to drive implementation of effective information security programs. Although information security is often viewed as a technical issue, it is also a governance challenge that involves risk management, reporting and accountability. As such, it requires the active engagement of executive management. Todayʼs economic environment demands that enterprises in both the public and private sectors reach beyond traditional boundaries. Citizens, customers, educators, suppliers, investors and other partners are all demanding more access to strategic resources. As enterprises reinvent themselves to meet this demand, traditional boundaries are disappearing and the premium on information security is rising. Heightened concerns about critical infrastructure protection and homeland security are accelerating this trend. In this report we provide a framework and guidelines to help organizations assess their performance and put in place an information security governance program. By themselves, however, these tools are not enough. To succeed we need a private sector commitment to implement this framework and begin to integrate information security into its corporate governance program. As we embrace information security governance, it is important to remember that, like quality, it is a journey that requires continuous improvement over time. We are still in the early stages of this journey. As we progress, we will not only reap the rewards of productivity growth, customer satisfaction and improved competitiveness, but also gain the larger reward of enhanced homeland security."
Web Link http://www.cyber.st.dhs.gov/docs/Information%20Security%20Governance-%20A%20Call%20to%20Action%20(2004).pdf

Back To Information Security Governance Papers List

Database Sections