SUBSCRIBE TO
CONTINUITY BRIEFING


Business continuity news

Never miss a news story: signup for our free weekly email newsletter.

REGIONAL PORTALS
Continuity Central currently offers three regional business continuity portals:
North America
United Kingdom
Asia Pacific / Australasia

Business Continuity books

In Hindsight - A compendium of Business Continuity case studies

Add to Google  

Use Google?
Click the button to add Continuity Central news to your Google home page
.

Follow us on Twitter  

Get immediate news
and information updates via our Twitter feed.

SUBMIT YOUR NEWS
To submit news stories to Continuity Central, e-mail the editor.

NEWSFEED
Want an RSS newsfeed for your website? Click here

OUR COOKIE POLICY
Before using this website ensure that you understand and accept our cookie policy. More details

Information Security Governance – raising the game

A new report from independent information security body, the Information Security Forum (ISF), provides organizations with a clear picture of how better governance can help the information security function raise its game within the business. Entitled ‘Information Security Governance – raising the game’, the report outlines how adopting a governance-style approach can lift security out of its technical ‘comfort zone’ and into a wider business context.

The ISF argues that while corporate governance is well-known and common practice, even obligatory, within the corporate environment, governance itself is not always present in information security – a critical part of any business. However, when the security function does adopt governance, it leads to better engagement with senior executives and other corporate governance functions, helping to foster better understanding, minimise risk and limit reputational damage.

The report’s author and ISF Principal Analyst, Adrian Davis, comments: “Corporate information is becoming much more complex because the technologies and processes to manage it are becoming more complex. At the same time, information is much more susceptible to attack or abuse, as we’ve witnessed many times this year already. This new report shows how information security governance can become an integral part of corporate governance, demonstrating to a company’s stakeholders – customers, partners, shareholders and regulators – that corporate data is being protected according to industry best practice.”

‘Information Security Governance – raising the game’ offers practical step-by-step guidance for businesses via a comprehensive security governance framework, developed using ISF Member experience, analysis, research, tools and workshops. It enables Members to demonstrate how information security can:

- Deliver value to stakeholders: Improve effectiveness and efficiency; meet stakeholder requirements; enable business initiatives; and integrate with enterprise processes

- Achieve strategic goals: Execute strategic objectives; set and refine information risk appetite; sustain buy-in and commitment; and maintain security requirements

- Provide information risk assurance: Oversee assurance programme; implement risk assessment; ensure compliance; manage supply chain risk; and monitor and report on assurance.

An executive summary of the ‘Information Security Governance – raising the game’ report is available here (after free registration).

•Date: 26th October 2011 • Region: World •Type: Article • Topic: ISM

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

BCM software

BCM software

Phoenix

Business continuity software

The Business Continuity and Resiliency Journal