IT Security Governance and Centralized Security Controls

View Sample PDF

Author(s): Merrill Warkentin (Mississippi State University, USA)and Allen C. Johnston (University of Louisiana-Monroe, USA)
Copyright: 2006
Pages: 9
Source title: Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues
Source Author(s)/Editor(s): Merrill Warkentin (Mississippi State University, USA)and Rayford Vaughn (Mississippi State University, USA)
DOI: 10.4018/978-1-59140-911-3.ch002

Keywords: Business & Management / Business Information Systems / Business Science Reference / Enterprise Information Systems

Purchase

View IT Security Governance and Centralized Security Controls on the publisher's website for pricing and purchasing information.

Abstract

Every enterprise must establish and maintain information technology (IT) governance procedures that will ensure the execution of the firm’s security policies and procedures. This chapter presents the problem and the framework for ensuring that the organization’s policies are implemented over time. Since many of these policies require human involvement (employee and customer actions, for example), the goals are met only if such human activities can be influenced and monitored and if positive outcomes are rewarded while negative actions are sanctioned. This is the challenge to IT governance. One central issue in the context of IT security governance is the degree to which IT security controls should be centralized or decentralized. This issue is discussed in the context of enterprise security management.

The IRMA Community

Research IRM

IT Security Governance and Centralized Security Controls

Purchase

Abstract

Related Content

IRMA Sponsors