Information Security Governance Papers
| Paper Title | Information Security Guide For Government Executives |
|---|---|
| The Abstract of The Paper |
Information Security for Government Executives provides a broad overview of information security program concepts to assist senior leaders in understanding how to oversee and support the development and implementation of information security programs. Executives are responsible for:
• Establishing the organization’s information security program; • Setting program goals and priorities that support the mission of the organization; and • Making sure resources are available to support the program and make it successful. Senior leadership commitment to security is more important now than ever before. Studies have shown that senior management’s commitment to information security initiatives is the single most critical element that impacts an information security program’s success. Meeting this need necessitates senior leadership to focus on effective information security governance and support which requires integration of security into the strategic and daily operations of an organization. When considering this challenge, several key security questions emerge for the executive: • Why do I need to invest in information security? • Where do I need to focus my attention in accomplishing critical information security goals? • What are the key activities to build an effective information security program? • What are the information security laws, regulations, standards, and guidance that I need to understand to build an effective information security program? • Where can I learn more to assist me in evaluating the effectiveness of my information security program? This guide provides the answers to those questions. |
| Web Link | http://csrc.nist.gov/publications/nistir/ir7359/NISTIR-7359.pdf |