Regulations, Frames of Reference, Information Systems Security and it Governance
Wafaâ Bouab Bennani, Bouchaib Marah, Pierre Nlend and Adil Sayouti. Article: Regulations, Frames of Reference, Information Systems Security and it Governance. International Journal of Applied Information Systems 10(8):43-48, April 2016. BibTeX
@article{key:article,
  author = "Wafaâ Bouab Bennani and Bouchaib Marah and Pierre Nlend and Adil Sayouti",
  title = "Article: Regulations, Frames of Reference, Information Systems Security and it Governance",
  journal = "International Journal of Applied Information Systems",
  year = 2016,
  volume = 10,
  number = 8,
  pages = "43-48",
  month = "April",
  note = "Published by Foundation of Computer Science (FCS), NY, USA"
}
Abstract
Because of the multiplicity and diversity of laws regulating the field of information technology governance, those in charge of information systems in SMEs-SMIs face a problem of compliance obligations, especially since these laws are now both international and national in scope.
This work is concerned with information systems security and the crucial role it plays in ensuring effective governance of information technology (IT). As an essential component of the internal control imposed by financial security laws as well as by major IT governance frameworks, the security of information systems is one of the main levers for a policy of compliance and standardization. Indeed, compliance with laws and regulations that aim to enhance the transparency and credibility of the mechanisms of information production and operation requires the implementation of a set of procedures and controls that meet security requirements in terms of availability, integrity and confidentiality. These procedures introduce major changes, in particular with regard to information visibility within the business, organizational and management processes, and human resources management.
Keywords
Information systems security, governance, IT governance, compliance, reference frameworks.