Abstract
The Information security is considered a risk management strategy. Risk management has always been an integral part of an Information Security programme. Hence, security should be addressed as one of the many key risk areas. Incorporation of information security within an It risk management programme elevates the importance of it and ties its practice together with other key IT risks. The Securities and Exchange Commission requires a formal risk assessment to evaluate the factors that impact an organization’s performance, because IT risk management and information security’s role is critical. The performance of risk assessments are a key component of good information security, mainly risk identification. In addition to return-on security-Investment strategy, the other trend is developing a culture of shared accountability. The reason being- the security is supposed to educate the business leader about threats, costs and consequences on the organization and the effectiveness of the possible remedies. This paper will report on an ongoing research to identify the function of Information systems security and its affiliation to Information technology risk management.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bennet, P., larssen, L.: Risk management for IT project
Michael, E., Herbert, J.: Principles of information security, 3rd edn.
Caelli, W., Longley, D., Shain, M.: Information Security for Managers. Stockton Press (2007)
IT Security. (n.d.)., http://blogs.techrepublic.com.com/security/?m=200702 (retrieved May 24, 2009)
Risk Management.(n.d.)., http://softinnovativesolutions.com/rm.htm
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jahankhani, H., Nkhoma, M. (2009). Information Systems Security and Its Affiliation to Information Technology Risk Management. In: Jahankhani, H., Hessami, A.G., Hsu, F. (eds) Global Security, Safety, and Sustainability. ICGS3 2009. Communications in Computer and Information Science, vol 45. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04062-7_22
Download citation
DOI: https://doi.org/10.1007/978-3-642-04062-7_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04061-0
Online ISBN: 978-3-642-04062-7
eBook Packages: Computer ScienceComputer Science (R0)