Paper Type
Research-in-Progress Paper
Abstract
Information privacy and security governance is a subset of enterprise governance which provides direction and control to help ensure IT performance and risk management. This study is conducted to find out the efficacy of different IS Security and Privacy governance structures. To achieve effectiveness and sustainability, security and privacy over information assets must be addressed at the highest levels of the organization and not regarded as a technical specialty relegated to the IT department. The study was conducted by interviewing CIOs of four companies from different industries across five categories: Privacy and Security Concerns, Decision Making Structure, Privacy and Security Impact, Control and Measurement, and Future Goals. The most important issues are listed and, based on that, a framework is developed which presents the factors affecting the privacy and security governance structure as well as their impact on business continuity.
Recommended Citation
Modaresnezhad, Minoo and Palvia, Prashant, "The Efficacy of IS Security and Privacy Governance Structures" (2013). AMCIS 2013 Proceedings. 9.
https://aisel.aisnet.org/amcis2013/ISSecurity/RoundTablePresentations/9
The Efficacy of IS Security and Privacy Governance Structures
Information privacy and security governance is a subset of enterprise governance which provides direction and control to help ensure IT performance and risk management. This study is conducted to find out the efficacy of different IS Security and Privacy governance structures. To achieve effectiveness and sustainability, security and privacy over information assets must be addressed at the highest levels of the organization and not regarded as a technical specialty relegated to the IT department. The study was conducted by interviewing CIOs of four companies from different industries across five categories: Privacy and Security Concerns, Decision Making Structure, Privacy and Security Impact, Control and Measurement, and Future Goals. The most important issues are listed and, based on that, a framework is developed which presents the factors affecting the privacy and security governance structure as well as their impact on business continuity.