Information Security Governance
- Information Security Governance
Information Security Governance, Information Security Governance or ISG, is a subset discipline of Corporate Governance focused on information Security systems and their performance and risk management.
Applicable Frameworks
* [http://www.isaca.org/Content/ContentGroups/ITGI3/Resources1/Information_Security_Governance_Guidance_for_Boards_of_Directors_and_Executive_Management/Info-Security-Gov-2nd-Ed-3-2006.pdf Information Security Governance: Guidance for Boards of Directors and Executive Management 2nd Edition]
* [http://www.ism3.com/download/ISM3_v1.20.pdf ISMS³ 1.20 - Information Security Management Maturity Model]
See also
* Certified Information Security Manager
* Certified Information Systems Security Professional
* Chief information security officer
* Information security
* Information Security Department
* Information Security Management
External links
* [http://www.ism3.com ISMS³ - Information Security Management Maturity Model Group Page]
Wikimedia Foundation.
2010.
Look at other dictionaries:
Information security — Components: or qualities, i.e., Confidentiality, Integrity and Availability (CIA). Information Systems are decomposed in three main portions, hardware, software and communications with the purpose to identify and apply information security… … Wikipedia
Information technology governance — Information Technology Governance, IT Governance or ICT (Information Communications Technology) Governance, is a subset discipline of Corporate Governance focused on information technology (IT) systems and their performance and risk management.… … Wikipedia
Information Security Department — The Information Security Department is a department in the Israel Defense Forces Directorate of Military Intelligence, responsible for preventing classified information from being compromised by unauthorized elements. It was formerly known as the … Wikipedia
Information security professionalism — is the set of knowledge that people working in Information security and similar fields (Information Assurance and Computer security) should have and eventually demonstrate through certifications from well respected organizations. It also… … Wikipedia
Information security management system — An Information Security Management System (ISMS) is, as the name suggests, a set of policies concerned with information security management. The idiom arises primarily out of ISO/IEC 27001.The key concept of ISMS is for an organization to design … Wikipedia
Information security audit — An information security audit is an audit on the level of information security in an organization. Within the broad scope of auditing information security there are multiple type of audits, multiple objectives for different audits, etc. Most… … Wikipedia
Certified Information Security Manager — (CISM) is a certification for information security managers awarded by ISACA (formerly the Information Systems Audit and Control Association). To gain the certifications, individuals must pass a written examination and have at least five years of … Wikipedia
Chief information security officer — A chief information security officer (CISO) is the senior level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy and program to ensure information assets are adequately protected. The… … Wikipedia
Certified Information Security Manager — CISM (Certified Information Security Manager) ist eine IT Sicherheits Zertifizierung. Es soll erfahrenen Führungs und Fachkräften die Möglichkeit gegeben werden, ihre Qualifikation hinsichtlich der Planung, der Umsetzung sowie der Steuerung und… … Deutsch Wikipedia
Enterprise Information Security Architecture — (EISA) is a part of enterprise architecture focusing on information security throughout the enterprise. Definition Enterprise Information Security Architecture (EISA) is the practice of applying a comprehensive and rigorous method for describing… … Wikipedia
