Title :
Systems approach to Information Security Governance: An imperative need for sustainability of enterprises
Author_Institution :
Bus. Syst. & Cybern. Centre, Tata Consultancy Services, Hyderabad, India
Abstract :
In most of the current or past Information Security Governance programs for enterprises´, the approaches used are poor. These approaches do not provide or deal with the systemic view of enterprises´ information security governance and the emergent issues for its sustenance. In this paper, the author proposes two system models of enterprise information security governance based on systems thinking concepts. The first model, InfoSGov is used for assessing the current state of Enterprises´ Information security governance and the second model, GovInfoS is used for proposing the future state and its sustenance. The application of these models in a large telecom enterprise using the qualitative tools developed, is provided. It has demonstrated the practical use of the models and tools for assessment and sustenance of the enterprise with respect to information security governance.
Keywords :
business data processing; security of data; InfoSGov; enterprise information security governance programs; enterprise sustainability; large telecom enterprise; Information security; Lead; Modeling; Organizations; Process control; Enterprise Information Security governance; GovInfoS; InfoSGov; Information Security Governance; Systemic; Systemic Information Security Governance models; emergent;
Conference_Titel :
India Conference (INDICON), 2011 Annual IEEE
Conference_Location :
Hyderabad
Print_ISBN :
978-1-4577-1110-7
DOI :
10.1109/INDCON.2011.6139620
