Unit 1 DB

Elements of the Information Security Governance framework

Described by the Information Systems Audit and Control Association as "a subset of enterprise governance that provides strategic direction, ensures that objectives are met, manages risk appropriately, uses organizational resources responsibly, and monitors the success or failure of the enterprise security program," information security governance is a component of enterprise governance.

Strategy

Business objectives and information security must be compatible. IT strategic plans must address both current and future business needs (Haufe, 2019). The goal of information security governance is to align organizational objectives with business and IT initiatives.

Implementation

Implementing policies and procedures to manage controls within a specific framework necessitates dedication, resources, responsibility assignment, and commitment. Implementing the program will be impossible without the support of upper management.

Operation

It is critical to address and effectively manage operational and technological risks, to execute projects that are aligned with your overall strategy, and to have enough resources available.

Monitoring

Metrics and monitoring help management make more informed decisions, proactively implement information security measures, document the effectiveness of the program, and address any compliance issues.

Integrity

Integrity in the context of information security refers to the accuracy and completeness of data. Integrity-focused security measures are intended to stop unauthorized parties from altering or abusing data (Haufe, 2019). Integrity is the preservation of data's reliability and consistency over its full life cycle. Data must not be altered while in transit, and security measures must be in place to prevent unauthorized individuals from changing the data.

Reference

Haufe, K., Colomo-Palacios, R., Dzombeta, S., & Brandis, K. (2019). A process framework for information security management. International Journal of Information Systems and Project Management, 4(4), 27-47.
