Systems approach to Information Security Governance: An imperative need for sustainability of enterprises

Author

Vinnakota, T.

Author_Institution

Bus. Syst. & Cybern. Centre, Tata Consultancy Services, Hyderabad, India

fYear

2011

fDate

16-18 Dec. 2011

Firstpage

1

Lastpage

8

Abstract

In most of the current or past Information Security Governance programs for enterprises´, the approaches used are poor. These approaches do not provide or deal with the systemic view of enterprises´ information security governance and the emergent issues for its sustenance. In this paper, the author proposes two system models of enterprise information security governance based on systems thinking concepts. The first model, InfoSGov is used for assessing the current state of Enterprises´ Information security governance and the second model, GovInfoS is used for proposing the future state and its sustenance. The application of these models in a large telecom enterprise using the qualitative tools developed, is provided. It has demonstrated the practical use of the models and tools for assessment and sustenance of the enterprise with respect to information security governance.

Keywords

business data processing; security of data; InfoSGov; enterprise information security governance programs; enterprise sustainability; large telecom enterprise; Information security; Lead; Modeling; Organizations; Process control; Enterprise Information Security governance; GovInfoS; InfoSGov; Information Security Governance; Systemic; Systemic Information Security Governance models; emergent;

fLanguage

English

Publisher

ieee

Conference_Titel

India Conference (INDICON), 2011 Annual IEEE

Conference_Location

Hyderabad

Print_ISBN

978-1-4577-1110-7

Type

conf

DOI

10.1109/INDCON.2011.6139620

Filename

6139620