Project Assignment:
RESEARCH FOUNDATIONS FOR THE INFORMATION SECURITY PRACTITIONER 1
Amar Koduri
University of Fairfax
Research Foundations for the Information Security Practitioner, OL
Date July 16, 2020 Abstract
Information security, administration, and governance are great topics of interest for researchers and professionals.
In today's world, many companies have implemented a system of information security. Information technology is of great importance because of its increasing use. Information assets and effective management have become a significant concern. It is because information technology and governance are concerned with the organization's management and use of IT. It could be an essential part of an organization's administration and comprises of authority and organizational structures. It also increases the organization's policies and purposes.
Researchers are taking great interest in structures and methodologies used for security governance and management. This is because corporations are frequently fascinated because of increasingly linked information-intensive marketing aspects with the ongoing investigation of clarity and overall governance.
Introduction
At the same time, the use of information technology in an organization’s builds an ability to gain the advantage of new possibilities. It also introduces an individual with new market terms and enables him to work in the service-oriented marketplace. It profoundly depends on the capability to have openly available network connectivity and services.
Privacy measures and policies must protect data and consumer privacy and allow it to secure ways towards involved people in various marketing systems.
Recently security issues have been evolved towards much proactive protection of business, consumer faith, and business performance. With the rapid increase in the amount of information and interlinked organizations, the risk of information security continues to increase. Concerning security matters, organizations need to show adequate care and attention to prevent data loss and information privacy. Information security must cover and resolve minor and major technical security issues. Privacy measures and policies must protect data and consumer privacy and allow it to secure ways towards involved people in various marketing systems.
Problem description
Information technology and information security are primarily concerned with corporate governance. It is a fact that information technology has become a basic tool to establish an organization’s Information Security as it is quickly emerging in the workplace.
The representatives in an organization must note information security as a technical issue in order to develop a comprehensible governance structure. It can be a great difficulty for them because it includes risk management responsibility and broadcasting. It will also expect the involvement and commitment of the representatives towards the organization.
This research will look at how Information Technology and Governance implements in the Corporate Governance structure. This will also provide a description that how to assess an individual's performance according to the standards of security governance programs.
The findings will also highlight the multiple aspects of directing the organization to determine adequate security measures.
Research Question
Why information technology requires governance for Security purpose?
Hypothesis
Information technology and business are progressively interlinked with each other and are not based on the extensive use of individual controls. The organization that sets a system for decision-making is responsible for the communication designing and to alter it when required.
Risk governance includes all the relevant aspects and systems and linked them together into a combined form. Moreover, information technology security and governance exceeds the risk among the policy and governance of the organization management and its information security. The security can be built in the exceptional composition of the organization and inserted in its culture. The most significant obstacle in implementing information technology security and governance in an organization correlates with the process of performing a profession. It is also a great challenge because there is a primary need to organize business systems.
In this project, a reference is designed for information technology and security governance. While the governance model does not signify the actual controls and plans. It provides a precise direction in breaking up and placing security controls and activities into policy domains. The IT security and governance venture are comprehensive to be coherently suitable in business levels at organizations. This project is not planned to be applicable in extensive organizations at a smaller level, rather it can be altered to its divisional organizations. It is planned to implement for-profit purposes in non-profit organizations, as it is a common feature of organizations.
Conclusion
The findings of this research suggest that any organization can execute a complete Information technology security and governance to control security and privacy risks. For this, there is a need to make better and legal decisions in creating and implementing an active security program in the organizations.
References Coviello, F. W. (2004). Information Security Governance. Pereira, G. V. (2017). Increasing collaboration and participation in smart city governance: a cross-case analysis of smart city initiatives. Information Technology for Developement , 526-553. Veiga, J. H. (2007, October). researchgate. Retrieved from https://www.researchgate.net: https://www.researchgate.net/publication/220630626_An_Information_Security_Governance_Framework