Please use this identifier to cite or link to this item: https://ir.iimcal.ac.in:8443/jspui/handle/123456789/776
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Mahanti, Ambuj | |
| dc.contributor.author | Saha, Partha | |
| dc.date.accessioned | 2021-08-26T05:46:16Z | - |
| dc.date.available | 2021-08-26T05:46:16Z | - |
| dc.date.issued | 2013 | |
| dc.identifier.uri | https://www.igi-global.com/chapter/content/69421 | |
| dc.identifier.uri | https://ir.iimcal.ac.in:8443/jspui/handle/123456789/776 | - |
| dc.description | Mahanti Ambuj, Department of Management Information Systems, Indian Institute of Management Calcutta, Kolkata; Partha Saha, Indian Institute of Management Calcutta, India | |
| dc.description | ISSN/ISBN - 978-1466620841 | |
| dc.description | DOI - 10.4018/978-1-4666-2083-4.ch009 | |
| dc.description.abstract | IT security governance bridges the gap between corporate governance and information security which is defined as the protection of information and other valuable assets in the organization from a wide range of threats in order to maximize ROI (Return On Investment) and minimize risk. These risks emanate from multiple sources like espionage, sabotage, malicious code, computer hacking, sophisticated denial of service attacks, vandalism, fire, flood, and other natural or manmade calamities. Information security in an organization is achieved by implementing suitable sets of safeguards or controls, including policies, processes, procedures etc. These controls need to be established, monitored, and suitably implemented across organization to ensure smooth functioning of business. There are existing sets of internationally recognized standards like CobiT, ISO17799, and others available, which are country and industry specific. These standards include a set of specific controls. Organizations operating in a particular country should be compliant of these standards, and as often these are legal obligations. Stakeholders and auditors are concerned with discrepancies that accrue in the implementation phases of implementation of these standards in any organization. Compliance Auditing (CA) is the process that identifies and analyses any misalignment of the organization’s rules and policies with respect to government regulations/industry best practices, which they are supposed to implement. A distinct challenge in compliance auditing is the measurement of discrepancies between company policies, controls, and industry standards vis-a-vis actual organizational practices. | |
| dc.publisher | AR-IIMC | |
| dc.publisher | IGI Global, In the book IT Security Governance Innovations: Theory and Research | |
| dc.title | Ontology Based Multi Agent Modelling for Information Security Measurement | |
| dc.type | Book Chapter | |
Appears in Collections: Management Information Systems

Files in This Item:
There are no files associated with this item.

