Abstract
Information Technology Security Governance (ITSG) provides organizations a roadmap to Information and Communication Technology (ICT) infrastructure protection with goals and objectives to design the security governance processes in align with national and international governance frameworks. Organizations in Australia are still at infancy stages of adopting IT governance processes. Organizations who have adopted these processes underestimate the security processes within the governance framework. If the security processes are designed, they are often flawed with operational level implementation. This paper investigates IT security governance specifically in Australian organizations. The objective is to bring the Australian organizations in alignment with international standards and frameworks in terms of integration of information security, IT audits, risks and control measures. A survey of selected organizations is conducted and results are presented in this paper identifying the maturity level of IT security governance in Australian organizations against the well known Capability Maturity Model® (CMM).
| Original language | English |
|---|---|
| Title of host publication | Annual International Conference on Information Technology Security, ITS 2010 |
| Place of Publication | Singapore |
| Publisher | Global Science and Technology Forum (GSTF) |
| Pages | I3-I7 |
| ISBN (Electronic) | 9789810876548 |
| Publication status | Published - 2010 |
| Event | Annual International Conference on Information Technology Security - Phuket, Thailand, Thailand Duration: 29 Nov 2010 → 30 Nov 2010 |
Conference
| Conference | Annual International Conference on Information Technology Security |
|---|---|
| Country/Territory | Thailand |
| Period | 29/11/10 → 30/11/10 |