A Conceptual Framework of IT Security Governance and Internal Controls
The Board and senior management use internal controls and IT risk governance to ensure that the corporation's directives such as security policies, standards, procedures, guidelines, administrative rules and practices at all organizational levels are properly chosen and adapted to the organizat...
Saved in:
Main Author: | |
---|---|
Format: | Article |
Language: | English |
Published: |
Institute of Electrical and Electronics Engineers Inc.
2019
|
Subjects: | |
Online Access: | http://ir.unimas.my/id/eprint/29926/1/A%20Conceptual.pdf http://ir.unimas.my/id/eprint/29926/ https://ieeexplore.ieee.org/document/8626831 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.unimas.ir.29926 |
---|---|
record_format |
eprints |
spelling |
my.unimas.ir.299262022-03-29T07:08:12Z http://ir.unimas.my/id/eprint/29926/ A Conceptual Framework of IT Security Governance and Internal Controls Musa, Nadianatra Q Science (General) T Technology (General) The Board and senior management use internal controls and IT risk governance to ensure that the corporation's directives such as security policies, standards, procedures, guidelines, administrative rules and practices at all organizational levels are properly chosen and adapted to the organization, implemented and enforced. There were three research problems identified in this paper, (1) Lack of involvement of the board and senior management in understanding IS/IT security problems, (2) unbalanced implementation of IS/IT security within the Formal, Technical and Informal components and (3) lack of internal control applications over IS/IT security. This had led to the development of a conceptual framework of IT Security Governance and Internal Controls. Interviews were undertaken with eight Malaysian Publicly Listed Companies to identify the issues that relate to IS/IT Security Governance in Malaysia. The findings reported in the data analysis were consistent with the conceptual framework of IT Security Governance and Internal Controls. Institute of Electrical and Electronics Engineers Inc. 2019-01-25 Article PeerReviewed text en http://ir.unimas.my/id/eprint/29926/1/A%20Conceptual.pdf Musa, Nadianatra (2019) A Conceptual Framework of IT Security Governance and Internal Controls. Proceedings of the 2018 Cyber Resilience Conference, CRC 2018. ISSN ISBN: 978-153867541-0 https://ieeexplore.ieee.org/document/8626831 DOI: 10.1109/CR.2018.8626831 |
institution |
Universiti Malaysia Sarawak |
building |
Centre for Academic Information Services (CAIS) |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Malaysia Sarawak |
content_source |
UNIMAS Institutional Repository |
url_provider |
http://ir.unimas.my/ |
language |
English |
topic |
Q Science (General) T Technology (General) |
spellingShingle |
Q Science (General) T Technology (General) Musa, Nadianatra A Conceptual Framework of IT Security Governance and Internal Controls |
description |
The Board and senior management use internal controls and IT risk governance to ensure that the corporation's directives such as security policies, standards, procedures, guidelines, administrative rules and practices at all organizational levels are properly chosen and adapted to the organization, implemented and enforced. There were three research problems identified in this paper, (1) Lack of involvement of the board and senior management in understanding IS/IT security problems, (2) unbalanced implementation of IS/IT security within the Formal, Technical and Informal components and (3) lack of internal control applications over IS/IT security. This had led to the development of a conceptual framework of IT Security Governance and Internal Controls. Interviews were undertaken with eight Malaysian Publicly Listed Companies to identify the issues that relate to IS/IT Security Governance in Malaysia. The findings reported in the data analysis were consistent with the conceptual framework of IT Security Governance and Internal Controls. |
format |
Article |
author |
Musa, Nadianatra |
author_facet |
Musa, Nadianatra |
author_sort |
Musa, Nadianatra |
title |
A Conceptual Framework of IT Security Governance and Internal Controls |
title_short |
A Conceptual Framework of IT Security Governance and Internal Controls |
title_full |
A Conceptual Framework of IT Security Governance and Internal Controls |
title_fullStr |
A Conceptual Framework of IT Security Governance and Internal Controls |
title_full_unstemmed |
A Conceptual Framework of IT Security Governance and Internal Controls |
title_sort |
conceptual framework of it security governance and internal controls |
publisher |
Institute of Electrical and Electronics Engineers Inc. |
publishDate |
2019 |
url |
http://ir.unimas.my/id/eprint/29926/1/A%20Conceptual.pdf http://ir.unimas.my/id/eprint/29926/ https://ieeexplore.ieee.org/document/8626831 |
_version_ |
1729708049088643072 |
score |
13.160551 |