This essay is an annotated bibliography that can be used for research into the topic of information system security and governance. The bibliography examines topics from several different angles of the issue and provides many differing types of resources that describe the problem of IT security and governance.
¶ … US General Accounting Office & National State Auditors Association. "Management Planning Guide for Information Systems Security Auditing." Issued 10 December 2011. Retrieved from http://www.gao.gov/special.pubs/managementpln.pdf
This source is a useful reference that can help determine the history and background of IT security and federal government regulation. This report is the first of its kind and can help provide deep background information on the topic at hand.
Spremic, M., Ivanov, M., Jackovic, B. (2012). IT Governance and information system auditing practice in credit institutions in the Republic of Croatia. International Journal of Applied Mathematics and Informatics, 2(6), 2012: 101,109. Retrieved from http://naun.org/multimedia/UPress/ami/16-201.pdf
This source provides a study to base the effectiveness of IT governance. Despite a question of relevance due to the geographical location of the study, the information still holds value because of the questions the article essentially asked. The study focused on financial institutions performance and actions and their reliance on IT governance.
Bekezhanova, A. & Atymaryeva, L. (2011). Development of Database For Expert Systems of Information Security Auditing. Computer Modeling and New Technologies, 2011, 15(4), 52-57. Retrieved from http://www.tsi.lv/RSR/vol15_4/15_4-8.pdf
This source described a study that was based on the development of database of experts system which will be fully audited information security and will be guided by the information that underlies international standards. The article also discussed how the language of queries Transact SQL is a useful tool.
Baskerville, R. (1993). Information Systems Security Design Methods: Implications for Information Systems Development. ACM Computing Surveys, 25(4), December 1993. Retrieved from http://www.paul- hadrien.info/backup/LSE/IS%20490/baskerville%20risk%20management.pdf
Although this source is twenty years old, there is still some valuable information contained within the pages of this article. The article discussed how the security of information systems is a serious issue because of the rise of computer abuse. The article makes a call for designers to be more security orientated in the design process.
Breisbois, R., Boyd, G., Shadid, Z. (ND). What is IT Governance? And why is it important for the IS auditor. Office of the Auditor General of Canada. Retrieved from http://www.intosaiitaudit.org/intoit_articles/25_p30top35.pdf
This article looks at IT governance from the Canadian Government point-of-view. This article makes national implications for the correct practices of IT security within the Canadian borders. Eventually the article concluded that there are specific steps that need to be taken in order to bridge the gap between private and public sector concepts and approaches to IT governance.
Henczel, S. (2000). The Information Audit as a First Step Towards Effective Knowledge Management: An Opportunity for the Special Librarian. INSPEL 34 (2000),: 210- 226. Retrieved from http://selma3112609.pbworks.com/w/file/fetch/47767426/Information%20audit%20i n%2 0 special%20libraries.pdf
This article sang the praises of information as the key to any organization and then argued that controlling the acquisition and access to information resources is becoming more difficult. As a result a higher level of evaluation and quality control need to be considered. This article discussed the literature to support its claims and provides useful information calling for increased security considerations.
Ruiz, J. (2008). COBIT as a Tool for IT Governance: between Auditing and IT Governance. UpGrade, 9(1), February 2008. Retrieved from http://www.cepis.org/files/cepisupgrade/2008-I-rouyetruiz.pdf
This source provides an analysis of the usefulness of COBIT for the suitability of IT governance. Both the strengths and weaknesses of this system is analyzed in this article before comparing it to Peterson as an alternative means of governance. The article eventually concludes that IT governance must be aligned with the strategic aims of the organization.
You’re 82% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.