preview

Information Security Governance Case Study

Good Essays

Information security governance
Monica Ford
CIS 438 Information Security Legal Issues
Professor Tremblay
June 2, 2018 Information Security Governance
The increasing complexity of the business environment has necessitated the need for businesses to utilize the available data to improve their practices so that they can be able to achieve business goals and objectives. Data is obtained from different platforms, and it comes in different forms and organizations are looking out for the most appropriate approaches that they can employ the use of technology and innovation to enhance the value of the data they are gathering (Safa, Von Solms & Furnell, 2016). With the increasing cyber-threat challenges, organizations are on the lookout to implement …show more content…

The strategic direction of the organization allows for identifying the data needs of the organization and appropriately aligning them with the available resources to meet the set goals (Galliers & Leidner, 2014). Planning is a critical component of setting out the strategic direction of the management. Oversight is also a crucial role that the senior management is mandated to spearhead. Evaluating whether the strategic plan is appropriately aligned with the designed activities and whether the indicators reveal that the organization is headed in the right direction is critical. In this case, the senior management plays a critical role in decision-making processes that inform the next course of action for the organization. Accountability is also a critical task that needs to be addressed by the management. The implementation of information security is costly, and there is the need for the appropriate use of the available resources if the set goals and objectives are to be achieved. Accountability helps in enhancing the transparency which allows the organization stakeholders to be entirely in support of the system to be …show more content…

The various components of the organization need to be adequately addressed so that a reliable information system can be put in place (Soomro, Shah & Ahmed, 2016). Setting out the organization structure is crucial as it determines the governance structure that is put in place and the level of effectiveness that is achieved. The delegation of roles and responsibilities in the new governance structure is also an essential factor to be considered for the appropriate accomplishment of tasks. Policy formulation is required to provide direction. Compliance standards set to facilitate adherence by individuals. Setting out a risk management plan is also necessary to allow for a strategy for handling any possible challenges that may be experienced. There is also need for measuring and reporting performance to identify the progress. Most critically is setting out the strategic plan for the organization which sets out the method of implementation and plan for success in the long

Get Access