Information security governance: Due care

Information security governance: Due care,10.1016/j.cose.2006.08.013,Computers & Security,Rossouw Von Solms,Sebastiaan H. Von Solms

Information security governance: Due care   (Citations: 5)
BibTex | RIS | RefWorks Download
Most modern corporate governance guidelines, and also some country laws, make the Board and specifically the CEO responsible for the well-being of the organization. These parties must ensure that critical company assets are identified and that these assets are protected against possible risks that may negatively influence the organization. Information can certainly be regarded as a critical business asset in most organizations today. Therefore, due care needs to be applied in the protection of information resources. Failure to do so can lead to a legal charge of negligence. As best practices can be argued as a very effective approach to apply due care, this paper proposes a self-evaluation exercise (based on best practices) for boards of companies to be used to determine whether due care has indeed been applied.
Journal: Computers & Security - COMPSEC , vol. 25, no. 7, pp. 494-497, 2006
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
Sort by: