Professional Documents
Culture Documents
Good
Good
Good
Described by the Information Systems Audit and Control Association as "a subset of
enterprise governance that provides strategic direction, ensures that objectives are met, manages
risk appropriately, uses organizational resources responsibly, and monitors the success or failure
enterprise governance.
Strategy
Business objectives and information security must be compatible. IT strategic plans must
address both current and future business needs (Haufe, 2019). The goal of information security
Implementation
Operation
execute projects that are aligned with your overall strategy, and to have enough resources
available.
Monitoring
Metrics and monitoring assist management make more informed decisions, proactively
implementing information security measures, documenting the effectiveness of the program, and
Integrity
unauthorized parties from altering or abusing data (Haufe, 2019). Integrity is the preservation of
data's reliability and consistency over its full life cycle. Data must not be altered while in transit,
and security measures must be made to prevent unauthorized individuals from changing the data.
Reference
Haufe, K., Colomo-Palacios, R., Dzombeta, S., & Brandis, K. (2019). A process framework for