Information Systems Security and Its Affiliation to Information Technology Risk Management

Jahankhani, Hamid; Nkhoma, Mathews

doi:10.1007/978-3-642-04062-7_22

Hamid Jahankhani⁴ &
Mathews Nkhoma⁵

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 45))

Included in the following conference series:

International Conference on Global Security, Safety, and Sustainability

990 Accesses

Abstract

The Information security is considered a risk management strategy. Risk management has always been an integral part of an Information Security programme. Hence, security should be addressed as one of the many key risk areas. Incorporation of information security within an It risk management programme elevates the importance of it and ties its practice together with other key IT risks. The Securities and Exchange Commission requires a formal risk assessment to evaluate the factors that impact an organization’s performance, because IT risk management and information security’s role is critical. The performance of risk assessments are a key component of good information security, mainly risk identification. In addition to return-on security-Investment strategy, the other trend is developing a culture of shared accountability. The reason being- the security is supposed to educate the business leader about threats, costs and consequences on the organization and the effectiveness of the possible remedies. This paper will report on an ongoing research to identify the function of Information systems security and its affiliation to Information technology risk management.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bennet, P., larssen, L.: Risk management for IT project
Google Scholar
Michael, E., Herbert, J.: Principles of information security, 3rd edn.
Google Scholar
Caelli, W., Longley, D., Shain, M.: Information Security for Managers. Stockton Press (2007)
Google Scholar
IT Security. (n.d.)., http://blogs.techrepublic.com.com/security/?m=200702 (retrieved May 24, 2009)
Risk Management.(n.d.)., http://softinnovativesolutions.com/rm.htm

Download references

Author information

Authors and Affiliations

University of East London, UK
Hamid Jahankhani
University of Dubai, United Arab Emirates
Mathews Nkhoma

Authors

Hamid Jahankhani
View author publications
You can also search for this author in PubMed Google Scholar
Mathews Nkhoma
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

School of Computing and Information Technology and Engineering, University of East London, London, UK
Hamid Jahankhani
Systems Assurance, City University, London, UK
Ali G. Hessami
Integrated Risk Management, NASA GSFC, Greenbelt, MD, USA
Feng Hsu

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Jahankhani, H., Nkhoma, M. (2009). Information Systems Security and Its Affiliation to Information Technology Risk Management. In: Jahankhani, H., Hessami, A.G., Hsu, F. (eds) Global Security, Safety, and Sustainability. ICGS3 2009. Communications in Computer and Information Science, vol 45. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04062-7_22

Download citation

DOI: https://doi.org/10.1007/978-3-642-04062-7_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04061-0
Online ISBN: 978-3-642-04062-7
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics