Abstract
This paper demonstrates that information security is more than a technical issue, through the development of an information security responsibility framework that shows consideration for strategic and legal issues as well. It is important that information security be viewed as both a governance challenge and a management responsibility. In order to achieve this this paper addresses information security governance and the board's participation in directing and controlling security efforts. Furthermore information security management is addressed in order to demonstrate how information security should be implemented. Once a comprehensive picture of the information security function has been established, the roles of various individuals in terms of information security are discussed and mapped out in the responsibility framework in order to demonstrate the true scope of an organizations information security function.
Author supplied keywords
Cite
CITATION STYLE
Posthumus, S., & von Solms, R. (2005). A responsibility framework for information security. IFIP Advances in Information and Communication Technology, 193, 205–221. https://doi.org/10.1007/0-387-31167-x_13
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
