Journal title: Journal of Theoretical and Applied Information Technology
Print ISSN: 1992-8645
Electronic ISSN: 1817-3195
Publication year: 2012
Volume: 43
Issue: 1
Pages: 001-007
Publisher: Journal of Theoretical and Applied
Abstract: The present paper deals with the fourth wave of Information Security as a new approach to the governance of information security. After introducing the four waves of information security, it focuses on the last one, which will be part of our thesis. Following the three earlier waves in the development of Information Security, Information Security development is presently in its Fourth Wave. This wave reflects the development of Information Security Governance as a result of the emphasis on good Corporate Governance. The Fourth Wave of Information Security can therefore be defined as the process of the explicit inclusion of Information Security as an integral part of good Corporate Governance, and the maturing of the concept of Information Security Governance. We as Information Security practitioners must use this development to its optimum to ensure the security of IT systems. In addition, following the PDCA approach (Plan, Do, Check, Act), we will establish an inventory of the information system with the SoM (Statement of Maturity), a risk assessment of assets, and a business continuity plan to ensure a resumption of IT.
Keywords: Security; PDCA; ISO 27002; ITIL; CObIT; Information