Information Security Governance

From Cybersecurity Wiki
Jump to navigation Jump to search

Full Title of Reference

Information Security Governance: A Call to Action

Full Citation

Nat'l Cyber Sec. Summit Task Force Information Security Governance (2004). Web

BibTeX


Categorization

Overview: US Government Reports and Documents

Key Words

Synopsis

To better secure its information systems and strengthen America’s homeland security, the private sector should incorporate information security into its corporate governance efforts. Although information security is not solely a technical issue, it is often treated that way. If businesses, educational institutions, and non-profit organizations are to make significant progress securing their information assets, executives must make information security an integral part of core business operations. There is no better way to accomplish this goal than to highlight it as part of the existing internal controls and policies that constitute corporate governance.

The Corporate Governance Task Force believes that information security governance (ISG) efforts will be most successful if conducted voluntarily, instead of mandated by government. With the appropriate tools and guidance, the private sector can effectively rise to the challenges set out in The National Strategy to Secure Cyberspace.


Additional Notes and Highlights