Welcome to the InfoSci Platform
Exploring Information Security Governance in Cloud Computing Organisation

Exploring Information Security Governance in Cloud Computing Organisation

Hemlata Gangwar, Hema Date
Copyright: © 2018 |Pages: 19
ISBN13: 9781522556343|ISBN10: 1522556346|EISBN13: 9781522556350
DOI: 10.4018/978-1-5225-5634-3.ch029
Cite Chapter Cite Chapter

MLA

Gangwar, Hemlata, and Hema Date. "Exploring Information Security Governance in Cloud Computing Organisation." Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, IGI Global, 2018, pp. 544-562. https://doi.org/10.4018/978-1-5225-5634-3.ch029

APA

Gangwar, H. & Date, H. (2018). Exploring Information Security Governance in Cloud Computing Organisation. In I. Management Association (Ed.), Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications (pp. 544-562). IGI Global. https://doi.org/10.4018/978-1-5225-5634-3.ch029

Chicago

Gangwar, Hemlata, and Hema Date. "Exploring Information Security Governance in Cloud Computing Organisation." In Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, 544-562. Hershey, PA: IGI Global, 2018. https://doi.org/10.4018/978-1-5225-5634-3.ch029

Export Reference

Mendeley
Favorite

Abstract

The paper reveals factors impacting information security governance within the cloud computing technology implementation in organizations. Case study methodology was used and 15 semi-structured interviews were conducted with directors and information security professionals from 5 different types of organizations. The main component that were identified as playing a significant role in information security governance were: information security strategy, security policies and procedure, risk management and assessment program, compliance and standard, monitoring and auditing, business continuity and disaster recovery, asset management and access control and identity management. The results show that awareness through education and training of employees needs to be given very particular attention in cloud computing security. The paper does not include any end-user perspective in interviews and this end-user context is missing. Companies need to focus upon awareness through education and training of employees. Moreover, management and employee support is the critical component of the effective information security governance framework implementation. Also, organisations should develop their information security using a very precise and detailed planning process that ensures the right cloud computing acceptance by the users. The proposed information security governance framework offers organisations a holistic perspective for governing information security, and minimizes risk and cultivates an acceptable level of information security culture.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.