Information Systems Security Strategy: A Process View
MetadataShow full item record
This chapter adopts a process view of information security strategy. That is, it is centrally concerned with how to "make" strategy; this extends the concern about what strategy "is." From a process viewpoint, information security strategy involves one or more strategy-setting processes. Such processes require an assessment of the goals for organizational information security. Examples include compliance with regulatory requirements, national and international standards, and professional practices. The strategy-setting process may be organized using a product criterion or a process criterion. A product criterion would organize the strategy-setting process by grouping activities according to the end products of the process. The products of strategy setting include statements of vision, core values, rationale, and strategic plans such as the security organization structure, security operations, and security budgeting strategy. A process criterion would organize the strategy-setting process by grouping activities according to major components, such as the alignment of security with organizational strategy, the planning of operational strategies, and the planning of security organizations. This chapter elaborates not just security goals, but the goal assessment process; not just the security criteria, but the criterion organizing processes; and not just the products of the strategic processes, but the strategy-setting processes themselves.
Showing items related by title, author, creator and subject.
Improving the performance of accounting information systems of commercial banks in Jordan by using the balanced scorecard approachHamdan, Mohammad Naser Mousa (2013)The continuous development of information technology in the modern word affects the performance of Accounting Information Systems (AIS) in Jordanian business organizations, including commercial banks, in many respects, ...
Berwick, Lyndon (2009)The analytical capacity of MSSV pyrolysis has been used to extend the structural characterisation of aquatic natural organic matter (NOM). NOM can contribute to various potable water issues and is present in high ...
Eiserbeck, Christiane (2011)The exploration and production of petroleum from the subsurface is an important sector of industry to maintain the standards of our modern life. The availability of these natural resources has diminished in the past decades ...