Organizing for Security

Abstract

Previous chapters in this book have examined a wide range of technical, legal, and organizational issues with regard to security. This final chapter provides in-depth coverage of the issues involved in developing a secure organization. It starts by examining the forces that are making security a top organizational concern. It goes on to a description of the information security organization from the perspectives of organizational theory and behavior theory. Next, the chapter provides an in-depth discussion of the relationship between the CIO and CSO and concludes with a summary and brief discussion of the issues faced by organizations as they develop an architecture for security.

© 2004 Kluwer Academic Publishers

About this chapter

Cite this chapter

Rohmeyer, P. (2004). Organizing for Security. In: Ghosh, S., Malek, M., Stohr, E.A. (eds) Guarding Your Business. Springer, Boston, MA. https://doi.org/10.1007/0-306-48638-5_12

  • DOI: https://doi.org/10.1007/0-306-48638-5_12

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-306-48494-0

  • Online ISBN: 978-0-306-48638-8

  • eBook Packages: Springer Book Archive
