A Viable System Model for Information Security Governance: Establishing a Baseline of the Current Information Security Operations System

Abstract : The academic literature offers many different frameworks and models of Information Security Governance (ISG). Considerable advancements have been made in identifying the components and principles of ISG. However, the current research has not identified the viability principles and components of ISG that ensure business continuity. This paper proposes a systemic model of ISG using the principles and systems of cybernetics as embodied in Stafford Beer’s Viable System Model (VSM). It also establishes a baseline of the current information security operations system by adopting and simulating the BS ISO/IEC 27035 and shows the results of the simulation. Adopting the proposed viable system model of information security governance helps organizations not only in ensuring the effectiveness of internal controls but also in ensuring business continuity.
Document type :
Conference papers
Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.245-256, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_19〉
Liste complète des métadonnées

Cited literature [17 references]  Display  Hide  Download

https://hal.inria.fr/hal-01463830
Contributor : Hal Ifip <>
Submitted on : Thursday, February 9, 2017 - 5:23:55 PM
Last modification on : Thursday, February 9, 2017 - 5:37:20 PM
Document(s) archivé(s) le : Wednesday, May 10, 2017 - 2:49:03 PM

File

978-3-642-39218-4_19_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Ezzat Alqurashi, Gary Wills, Lester Gilbert. A Viable System Model for Information Security Governance: Establishing a Baseline of the Current Information Security Operations System. Lech J. Janczewski; Henry B. Wolfe; Sujeet Shenoi. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. Springer, IFIP Advances in Information and Communication Technology, AICT-405, pp.245-256, 2013, Security and Privacy Protection in Information Processing Systems. 〈10.1007/978-3-642-39218-4_19〉. 〈hal-01463830〉

Share

Metrics

Record views

163

Files downloads

60