Corporate Governance, Term Paper

Pages: 13 (3850 words)  ·  Bibliography Sources: 15  ·  File: .docx  ·  Level: Master's  ·  Topic: Business


Information Security Governance comprises, Leadership, company structures, procedures and monitoring systems and technologies that ascertain privacy, reliability and availability of company data.

5.1 Corporate Governance and Information Security Governance

Corporate Governance entails set of laws, regulations, and internal controls that manages and regulates organizations. Information security governance is a division of companies' general corporate governance plan. The information maintained by companies is one of the fundamental assets for the success of the business. The boardroom accounts for the success of the company bears the responsibility of safeguarding classified information. The safety of such information is achievable through efficient management and ascertained by efficient oversight of the board members (Whitman, Michael, Mattord & Herbert, 2012).

Companies view Information security governance as a complex issue because it entails risk management issues, transparency and liability. Efficient security needs active involvement of executive management to evaluate rising threats and empower leadership. TechNet approved on the significance of integrating a scalable government structure to assist organizations describe the path from responsiveness about Information Security issues to execution of solutions. With such objective underway, TechNet formed subcommittees to;

a) Refine the current literature on Information Security governance

Buy full Download Microsoft Word File paper
for $19.77
b) Form a preface structure for Information Security governance

c) Modify implementation directions for diverse bodies

d) Suggest procedures for analyzing compliance


6.1 Information Security Governance Framework

1) TechNet should incorporate Information security governance to establish cyber security into its corporate governance procedures.

Term Paper on Corporate Governance, IT Governance and Assignment

Information security governance (ISG) is an integral element for effective management of organization. The status of information security requires that immediate attention in order to ascertain that information is uncompromised and the systems remains safe. TechNet has the responsibility of examining the best practices to information security governance and identify how the company will enhance ISG framework. The framework developed suggests implementation of controls to assist secure company's data and information systems. In other words, Information Security governance will focuses on the following issues in order to strengthen the system.

a) Emphasize on the powers and responsibilities of the board members.

b) Stress on the authority and duties of the top executive

c) Underscore on the powers and functions of executive committee

d) Powers and responsibilities of top management

e) Duties of company employees, stakeholders and shareholders

f) Develop security program

g) Managerial unit reporting

h) Data security program assessment

The subcommittee should create a matrix for mapping the various components of the framework to various company structures. Based on the framework, the top executive has the authority of delegating different Information security duties to the suitable persons in the company. Both the framework and the matrix aim at assisting the company in developing an internal model for implementing information security governance. As information security becomes integral in the overall company operations, it becomes fundamental to establish strong governance models to ascertain effective infrastructure. The responsibility of the subcommittee is to evaluate the company structures and governance and provide a framework that enhances information security. This program will ascertain safety of classified information in rising cyber security threats (Wilkin, Campbell & Moore, 2012).

6.2 Implementation of Information Security framework

With the growing data security threats, most companies are integrating Information security with other business models, an approach intended to accomplish the objective of incorporating information security with corporate governance. The TechNet subcommittee entrusted with the responsibility of developing an ideal information security program affirms that adapting and executing the framework and evaluation tool is fundamental in beefing up data security. The security program is a company improvement program that functions as an avenue for establishing, planning and executing development actions. The ISG evaluation program correctly introduced by companies is an initial step in integrating information security into the company's corporate governance framework (Adegbite, 2011).

An increased attention on information security will beef up company's general status and empower its security position. The program recommended by the subcommittee will reinforce the framework developed by the Corporate Governance .The program will help the company assess the value of the implemented Information Security governance framework. The company intends to use the framework and the security program in addressing a wide range of information security areas that influence various company procedures to counteract risks within the company.

The company uses a broad range of acceptable methodologies to create the program and remain suitable alternative for companies to rely for information security concerns. The objective is merely for companies to view information security as a fundamental component of business operations (Adegbite, 2010). In simplifying the functions played by the information, the company divides Information Security governance into four;

a) Company Dependency - evaluates Company's dependence on information technology for stability purposes and as the level of company interdependency and control.

b) Risk Management -- analyses the risk management procedures as it intends to develop information securing approaches and tools

c) Personnel -- analyze the aspects of the company on information security program

d) Processes -- The Company identifies procedures that forms part of information security program.

The company relies on ISG evaluation program and framework in understanding the functions of information security governance has in company and the ways to improve it. Initially, corporate organizations were the only organizations that used ISG, however, with the rising cyber security threats, other businesses have shown their interests. This paper intends to introduce and emphasize the functions of information security governance to businesses without a security program. It evaluates and adapts effective recommendations for introducing the Information security governance framework and program to fit into various company cultures and structures (Adegbite, 2011).

6.3 ISG authentication and conformity

Information security shares similarities with quality assurance. In recognizing the relationship, the company has intentionally implemented verification and compliance policy recommendations intended to improve quality of security issues. With technological advancement on everyday basis, information security needs incessant improvement. The Corporate Governance affirms that with untimely quality assurance programs, may companies fear that endeavors to enhance information security will elevate business costs. Similar to quality assurance, however, information security increases productivity, heightens customer contentment, and eventually, increases brand loyalty. The following recommendations facilitate the authentication and conformity ISG efforts (Adegbite, 2010).


TechNet should indicate their devotion to Information Security governance by affirming their intention of relating with corporate governance in evaluating their performance and provide the report to the board members.

The Information Security governance structure and implementation program that corporate governance develops assists in establishing the process and assume evaluations that are more thorough and which functions as foundation for future improvement. The principles help initiate efforts to integrate information security into corporate governance assessment tools.

a) Chief executive officers should evaluate annual information security, analyze the evaluation report with employees and present a performance report to the boardroom. In addition, it is essential for the company to perform periodic risk evaluations of information assets and incorporate it with risk management program.

b) As well, the company should develop policies and processes established on risk assessments to safeguard information assets.

c) As part of the recommendation, the company should implement a security management framework to delegate competent individual duties, responsibilities, power, and liability.

d) Furthermore, the company should execute plans and establish actions to offer sufficient information security for systems and data.

e) The company should handle Information security as a fundamental aspect in business life cycle

f) The company should offer information security responsiveness, training, and education to employees

g) The company should perform periodic assessment of the efficiency of information security guidelines and processes

h) The company should develop and implement a plan for counteractive response to address any information security risks

i) It is also necessary for the company to create and initiate event response procedures.

j) As well to ascertain continuous company operations, the company should implement plans, process and evaluations

k) Finally, in order to evaluate information security performance, the company should employ Security guidance practices, for instance, ISO 17799

Recommendation 3:

Companies that embrace corporate governance program should indicate their devotion to information security governance by willingly showing an interest on their company website. Furthermore, TechNet Company should persuade its employees to employ information security governance and put it on the websites. Furthermore, the board members should introduce information security governance, indicate it on the website, and if possible encourage the employees to follow the suit. In order to conform to the voluntary effort, the company embracing the corporate governance should accept and execute the recommendations in order to establish a good reputation and be a role model to others. Furthermore, the company should openly support information security Governance, and sell the idea to their employees.


This paper discusses the distinction and need for Governance at the Corporate Governance, IT Governance, and Information Security Governance. Governance is the process of strengthening leaders to execute rules that are enforceable and adjustable when necessary. The company views corporate governance, IT Governance and Information Security Governance is an approach embraced by the company in safeguarding company's classified information. As… [END OF PREVIEW] . . . READ MORE

Two Ordering Options:

Which Option Should I Choose?
1.  Buy full paper (13 pages)Download Microsoft Word File

Download the perfectly formatted MS Word file!

- or -

2.  Write a NEW paper for me!✍🏻

We'll follow your exact instructions!
Chat with the writer 24/7.

Corporate Governance Research Proposal

Corporate Governance in Etisalat UAE Term Paper

Corporate Governance in Australia Term Paper

Corporate Governance and Accountability Essay

Corporate Governance and Social Responsibility the Pyramid Research Paper

View 200+ other related papers  >>

How to Cite "Corporate Governance, " Term Paper in a Bibliography:

APA Style

Corporate Governance, .  (2013, August 31).  Retrieved April 5, 2020, from

MLA Format

"Corporate Governance, ."  31 August 2013.  Web.  5 April 2020. <>.

Chicago Style

"Corporate Governance, ."  August 31, 2013.  Accessed April 5, 2020.