• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>Cyber Resilience Conference >A Conceptual Framework of IT Security Governance and Internal Controls
【24h】

A Conceptual Framework of IT Security Governance and Internal Controls

机译:IT安全治理和内部控制的概念框架

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The Board and senior management use internal controls and IT risk governance to ensure that the corporation's directives such as security policies, standards, procedures, guidelines, administrative rules and practices at all organizational levels are properly chosen and adapted to the organization, implemented and enforced. There were three research problems identified in this paper, (1) Lack of involvement of the board and senior management in understanding IS/IT security problems, (2) unbalanced implementation of IS/IT security within the Formal, Technical and Informal components and (3) lack of internal control applications over IS/IT security. This had led to the development of a conceptual framework of IT Security Governance and Internal Controls. Interviews were undertaken with eight Malaysian Publicly Listed Companies to identify the issues that relate to IS/IT Security Governance in Malaysia. The findings reported in the data analysis were consistent with the conceptual framework of IT Security Governance and Internal Controls.
机译:董事会和高级管理层使用内部控制和IT风险治理来确保正确选择公司的指令,例如所有组织级别的安全策略,标准,程序,准则,管理规则和实践,并使其适合组织,实施和执行。本文确定了三个研究问题:(1)董事会和高级管理层缺乏对IS / IT安全问题的理解;(2)在正式,技术和非正式组成部分中对IS / IT安全的不平衡实施;以及( 3)缺乏对IS / IT安全性的内部控制应用程序。这导致了IT安全治理和内部控制概念框架的发展。与八家马来西亚上市公司进行了访谈,以查明与马来西亚IS / IT安全治理有关的问题。数据分析中报告的发现与IT安全治理和内部控制的概念框架一致。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号