Please use this identifier to cite or link to this item:
Title: Information systems security and its affiliation to information technology risk management
Authors: Jahankhani, H. 
Nkhoma, M. 
Issue Date: 2009
Journal: Communications in Computer and Information Science 
Abstract: The Information security is considered a risk management strategy. Risk management has always been an integral part of an Information Security programme. Hence, security should be addressed as one of the many key risk areas. Incorporation of information security within an It risk management programme elevates the importance of it and ties its practice together with other key IT risks. The Securities and Exchange Commission requires a formal risk assessment to evaluate the factors that impact an organization's performance, because IT risk management and information security's role is critical. The performance of risk assessments are a key component of good information security, mainly risk identification. In addition to return-on security-Investment strategy, the other trend is developing a culture of shared accountability. The reason being- the security is supposed to educate the business leader about threats, costs and consequences on the organization and the effectiveness of the possible remedies. This paper will report on an ongoing research to identify the function of Information systems security and its affiliation to Information technology risk management. © 2009 Springer Berlin Heidelberg.
DOI: 10.1007/978-3-642-04062-7_22
Appears in Collections:Articles

Show full item record

Page view(s)

Last Week
Last month
checked on Oct 22, 2020

Google ScholarTM




Items in Corepaedia are protected by copyright, with all rights reserved, unless otherwise indicated.