Information Security Governance - Compliance management vs operational management

Research output: Contribution to journalArticlepeer-review

94 Citations (Scopus)

Abstract

This paper discusses the difference that should exist between Information Security Operational Management and Information Security Compliance Management. The paper argues that for good Information Security Governance, good IT Governance and good Corporate Governance, these two dimensions of Information Security Management should be totally separate, and housed in separate departments.

Original languageEnglish
Pages (from-to)443-447
Number of pages5
JournalComputers and Security
Volume24
Issue number6
DOIs
Publication statusPublished - Sept 2005

Keywords

  • Compliance management
  • Corporate governance
  • Information security
  • Information security management
  • Information technology governance
  • Operational management
  • Risk management

ASJC Scopus subject areas

  • General Computer Science
  • Law

Fingerprint

Dive into the research topics of 'Information Security Governance - Compliance management vs operational management'. Together they form a unique fingerprint.

Cite this