A model of component interaction between Formal, Technical and Informal components within IS/IT security governance
conference contribution
posted on 2023-05-23, 08:52authored byMusa, N, Clift, B
In most countries, corporate statutes and rules (mandatory or voluntary) about powers and responsibilities in corporations (corporate governance) place responsibility on the Board of Directors acting as a Board. However, these documents do not provide much guidance about recognizing potential problems or about preventative measures. Even so, it is apparent that knowingly tolerating dishonesty or incompetence within the corporation is likely to be regarded as negligence. Most organizations today pay little attention to the inter-relationship between the Formal component, Technical component and Informal component. The Board and senior management of organizations tend to focus more on narrow aspects such as IS/IT management rather than on a comprehensive view. Deficiencies in any of these three components may result in unbalanced IS/IT security implementation. The objective of this study is to integrate the three components simultaneously throughout the IS/IT security implementation. The model of IS/IT security governance is a comprehensive conceptual framework because it emphasizes the two-way relationship between each of the components. In this study, a triangulated approach is adopted, data were collected in three phases, phase 1 is a website analysis, phase 2 is an interview and phase 3 is a mail survey. The interactions of three components, formal, technical and informal are significant in the IS/IT security governance model.
History
Publication title
Proceedings of the 8th International Conference for Internet Technology and Secured Transactions (ICITST 2013)
Pagination
454-462
ISBN
978-1-908320-20-9
Department/School
TSBE
Publisher
Infomonics Society
Place of publication
USA
Event title
8th International Conference for Internet Technology and Secured Transactions (ICITST 2013)