Keywords

information security, IT governance, agency relationships, decision rights

Abstract

This dissertation is composed by three essays that explore the relationship between good IT governance and effective information security services. Governance steers and verifies performance of fiduciary duties, through the implementation of proper governance mechanisms. With a focus on information security, this essay presents three categories of governance mechanisms - process-based, structural, and relational. When properly instituted, they work together to ensure that IT understands business requirements for information security and strives to fulfill them. An explanation is offered about the efficacy of those mechanisms, based on an agency theory perspective that views IT as an agent for business. The two underlying causes for agency problems are goal incongruence and information asymmetry between the agent and the principal. Governance mechanisms help to reduce both goal incongruence and information asymmetry. Hence, they lead to desired outcomes. A theoretical framework is presented and empirical tested.

Notes

If this is your thesis or dissertation, and want to learn how to access it or for more information about readership statistics, contact us at STARS@ucf.edu

Graduation Date

2007

Semester

Fall

Advisor

Saunders, Carol

Degree

Doctor of Philosophy (Ph.D.)

College

College of Business Administration

Department

Management Information Systems

Degree Program

Business Administration

Format

application/pdf

Identifier

CFE0001965

URL

http://purl.fcla.edu/fcla/etd/CFE0001965

Language

English

Length of Campus-only Access

None

Access Status

Doctoral Dissertation (Open Access)

Download

Share

COinS