A conceptual framework of it security governance and internal controls

A conceptual framework of it security governance and internal controls. Asia-Pacific Journal of Information Technology and Multimedia (APJITM), 7 (2). pp. 63-77. ISSN 2289-2192 (2018)



Abstract

The Board and senior management use internal controls and IT risk governance to ensure that the corporations directives such as security policies, standards, procedures, guidelines, administrative rules and practices at all organizational levels are properly chosen and adapted to the organization, implemented and enforced. There were three research problems identified in this paper, lack of involvement of the board and senior management in understanding IS/IT security problems, unbalanced implementation of IS/IT security within the Formal, Technical and Informal components and lack of internal control applications over IS/IT security. This had led to the development of a conceptual framework of IT Security Governance and Internal Controls. Interviews were undertaken with eight Malaysian Publicly Listed Companies to identify the issues that relate to IS/IT Security Governance in Malaysia. The findings reported in the data analysis were consistent with the conceptual framework of IT Security Governance and Internal Controls.

Item Type: Article
Keywords: IT security governance, Technical component, Internal controls, Formal component
Taxonomy: By Subject > Computer & Mathematical Sciences > Information Technology
By Subject > Computer & Mathematical Sciences > Computer Technology and Networking
Local Content Hub: Subjects > Computer and Mathematical Sciences
Depositing User: Atirah Ruslan
Date Deposited: 24 Feb 2021 09:05
Last Modified: 24 Feb 2021 09:05
Related URLs:

Actions (login required)

View Item View Item