Information Security Governance
Information Security Governance, or ISG, is a subset discipline of corporate governance focused on information security systems and their performance and risk management.
Corporate governance
Corporate governance is a number of processes, customs, policies, laws, and institutions which have impact on the way a company is controlled...
Information security
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction....
Performance management
Performance management includes activities that ensure that goals are consistently being met in an effective and efficient manner. Performance management can focus on the performance of an organization, a department, employee, or even the processes to build a product or service, as well as many...
Risk management
Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities...
Applicable Frameworks
See also
- Certified Information Security Manager: Certified Information Security Manager is a certification for information security managers awarded by ISACA...
- Certified Information Systems Security Professional: Certified Information Systems Security Professional is an independent information security certification governed by International Information Systems Security Certification Consortium (ISC)²...
- Chief information security officer: A chief information security officer is the senior-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy and program to ensure information assets are adequately protected...
- Data erasure: Data erasure is a software-based method of overwriting data that completely destroys all electronic data residing on a hard disk drive or other digital media. Permanent data erasure goes beyond basic file deletion commands, which only remove direct pointers to data disk sectors and make data...
- Information security: Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction....
- Information Security Department: The Information Security Department is a department in the Israel Defense Forces' Directorate of Military Intelligence, responsible for preventing classified information from being compromised by unauthorized elements...
- Information Security Management: Information security describes activities that relate to the protection of information and information infrastructure assets against the risks of loss, misuse, disclosure or damage...