Information technology. Guidelines for the management of IT security

1998 ◽  
Keyword(s):  
Information Technology ◽  
It Security

Information Technology Security as Scored by Management Budget

2018 ◽  
pp. 258-280
Author(s):  
Tiina K. O. Rodrigue
Keyword(s):  
Information Technology ◽  
Organizational Management ◽  
It Security ◽  
Leadership Theories ◽  
Complexity Leadership ◽  
Organizational Power ◽  
Information Technology Security ◽  
Unfunded Mandate ◽  
The Impact ◽  
Business Complexity

In information technology security as scored by management budget, the author examines information technology (IT) security in the context of organizational management, business, complexity leadership theories, and current IT security scholarship. Based on well-known organizational power and politics theory as well as accounting, budget, and management literature, the chapter examines what is known about the impact of power and politics on IT security and the importance of budgetary gamesmanship as illustrated by understanding that the budget as a game, the politics of allocation within an organization, the influence of budgetary bias and how it shapes what CISOs must understand and master, the unfunded mandate impediment through which each the organization picks winners and losers under the auspices of “doing more with less.” The author suggests a future framework for IT security-management-budget review that includes measures that track expenditure versus the power alignment and how to gauge the net effect on an organization's information-technology security posture.

IT Security Governance and Centralized Security Controls

2008 ◽  
pp. 2130-2138
Author(s):  
Merrill Warkentin ◽  
Allen C. Johnston
Keyword(s):  
Information Technology ◽  
Human Activities ◽  
It Governance ◽  
Central Issue ◽  
It Security ◽  
Security Governance ◽  
Security Controls ◽  
Policies And Procedures ◽  
Enterprise Security ◽  
Over Time

Every enterprise must establish and maintain information technology (IT) governance procedures that will ensure the execution of the firm’s security policies and procedures. This chapter presents the problem and the framework for ensuring that the organization’s policies are implemented over time. Since many of these policies require human involvement (employee and customer actions, for example), the goals are met only if such human activities can be influenced and monitored and if positive outcomes are rewarded while negative actions are sanctioned. This is the challenge to IT governance. One central issue in the context of IT security governance is the degree to which IT security controls should be centralized or decentralized. This issue is discussed in the context of enterprise security management.

Investing in IT Security

2012 ◽  
Vol 6 (3) ◽  
pp. 75-87 ◽  
Author(s):  
Amanda Eisenga ◽  
Travis L. Jones ◽  
Walter Rodriguez
Keyword(s):  
Information Technology ◽  
Research Question ◽  
Digital Age ◽  
Rate Of Return ◽  
Financial Resources ◽  
It Security ◽  
It Infrastructure ◽  
Main Research ◽  
Maximum Threshold

Investing in information technology (IT) security is a critical decision in the digital age. And, in most organizations, it is wise to allocate a significant amount of resources to IT infrastructure. However, it is difficult to determine how much to invest in IT as well as quantifying the maximum threshold where the rate of return of this investment is diminishing. The main research question in this paper is: how much and what financial resources should be allocated to IT security? This paper analyzes different practices and techniques used to determine the calculation for investments in IT security and analyzes and recommend some suitable methods for deciding how much should be invested in IT security.

Sign in / Sign up

Export Citation Format

Share Document