Abstract
There is a dearth of academic research literature on the practices and commitments of information security governance in organizations. Despite the existence of referential and standards of the security governance, the research literature remains limited regarding the practices of organizations and, on the other hand, the lack of a strategy and practical model to follow in adopting an effective information security governance. This chapter aims to discuss the information security governance and to address the weaknesses identified in the literature. Based on practices of information security management and governance, the authors propose ISGO, a practical maturity framework for the information security governance and management in organizations. The findings will help organizations to assess their capability maturity state and to address the procedural, technical, and human aspects of information security governance and management process.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
