A viable system model for information security governance: establishing a baseline of the current information security operations system
A viable system model for information security governance: establishing a baseline of the current information security operations system
The academic literature offers many different frameworks and models of Information Security Governance (ISG). Considerable advancements have been made in identifying the components and principles of ISG. However, the current research has not identified the viability principles and components of ISG that ensure business continuity. This paper proposes a systemic model of ISG using the principles and systems of cybernetics as embodied in Stafford Beer’s Viable System Model (VSM). It also establishes a baseline of the current information security operations system by adopting and simulating the BS ISO/IEC 27035 and shows the results of the simulation. Adopting the proposed viable system model of information security governance helps organizations not only in ensuring the effectiveness of internal controls but also in ensuring business continuity.
information security governance, viable system model, business continuity, BS ISO/IEC 27035
978-3-642-39217-7
245-256
Alqurashi, Ezzat
0dbcfd78-bb98-4b7f-99ce-a8b69af4ba67
Wills, Gary
3a594558-6921-4e82-8098-38cd8d4e8aa0
Gilbert, Lester
a593729a-9941-4b0a-bb10-1be61673b741
2013
Alqurashi, Ezzat
0dbcfd78-bb98-4b7f-99ce-a8b69af4ba67
Wills, Gary
3a594558-6921-4e82-8098-38cd8d4e8aa0
Gilbert, Lester
a593729a-9941-4b0a-bb10-1be61673b741
Alqurashi, Ezzat, Wills, Gary and Gilbert, Lester
(2013)
A viable system model for information security governance: establishing a baseline of the current information security operations system.
Janczewski, Lech J., Wolfe, Henry B. and Shenoi, Shujeet
(eds.)
In Security and Privacy Protection in Information Processing Systems. 28th IFIP TC 11 International Conference, SEC 2013, Auckland, New Zealand, July 8-10, 2013. Proceedings.
Springer.
.
(doi:10.1007/978-3-642-39218-4_19).
Record type:
Conference or Workshop Item
(Paper)
Abstract
The academic literature offers many different frameworks and models of Information Security Governance (ISG). Considerable advancements have been made in identifying the components and principles of ISG. However, the current research has not identified the viability principles and components of ISG that ensure business continuity. This paper proposes a systemic model of ISG using the principles and systems of cybernetics as embodied in Stafford Beer’s Viable System Model (VSM). It also establishes a baseline of the current information security operations system by adopting and simulating the BS ISO/IEC 27035 and shows the results of the simulation. Adopting the proposed viable system model of information security governance helps organizations not only in ensuring the effectiveness of internal controls but also in ensuring business continuity.
Text
Ezzat_a viable system model of information security governance.pdf
- Version of Record
Restricted to Repository staff only
Request a copy
More information
Published date: 2013
Keywords:
information security governance, viable system model, business continuity, BS ISO/IEC 27035
Organisations:
Electronic & Software Systems
Identifiers
Local EPrints ID: 369621
URI: http://eprints.soton.ac.uk/id/eprint/369621
ISBN: 978-3-642-39217-7
ISSN: 1868-4238
PURE UUID: 36d17aaf-34c5-40f5-ab27-a57cf1324d1d
Catalogue record
Date deposited: 17 Oct 2014 12:32
Last modified: 15 Mar 2024 02:51
Export record
Altmetrics
Contributors
Author:
Ezzat Alqurashi
Author:
Gary Wills
Author:
Lester Gilbert
Editor:
Lech J. Janczewski
Editor:
Henry B. Wolfe
Editor:
Shujeet Shenoi
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics