Case 3 | it 537

CORPORATE GOVERNANCE FOR INFORMATION SYSTEMS SECURITY

IT corporate governance is used for enterprise risk management and best management practices. These governance policies and procedures enable the firms to institute best practices as well as be held accountable.

In this Case, you will review the principles of IT governance and information security governance using the practical and regulatory perspectives. First review this ISACA report.

ISACA (2012). COBIT Framework for IT Governance and Control. Available at http://www.isaca.org/Knowledge-Center/cobit/Pages/Overview.aspx

Case Assignment

Using the COBIT material noted above and other related material, compose a short paper 3-5 pages on the topic.

Use the COBIT/CMMI Pathway Tool to determine the Practice areas in which to include security in the governance framework and discuss the maturity level as well. You can develop a table to help with this paper.

Go to this site and use your Trident email address to register and download this COBIT/CMMI tool. You will need to register on the ISACA website – just use your Trident email address and you can freely download this tool.
http://bit.ly/2KTQvmQcmmi

Why should organizations incorporate security into their governance efforts?

Assignment Expectations

Please address the following issues:

• Security governance principles
• IT governance stakeholders
• IT governance justification to managers
• Role of IT security professionals in terms of governance