Title

Decision Making, It Governance, And Information Systems Security

Keywords

Decision rights; IS security; IT governance; Organizational decision making

Abstract

The complex issue of IS security involves organizational factors. Decision making, an important area of organizations, however, has only been studied to a limited extent in relation to IS security. In this paper we explore the relationship between organizational distribution of decision rights and IS security. We review the security literature and identify three aspects of an organization as what we term the pillars bolstering the success of IS security - people, processes/structures, and technology. We top our IS Security Architecture with the integrative truss of IS security strategy. Employing Weill and Ross' (2004) IT governance archetypes, we link this IS Security Architecture to IT governance, and propose that IT governance patterns can enhance security when the governance archetype in place matches the decision profile required by a security practice.

Publication Date

12-1-2005

Publication Title

Association for Information Systems - 11th Americas Conference on Information Systems, AMCIS 2005: A Conference on a Human Scale

Volume

7

Number of Pages

3239-3247

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

Socpus ID

84869754348 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/84869754348

This document is currently not available here.

Share

COinS