Abstract: This chapter examines the Information Security Governance and Risk Management domain. This domain also details security governance, or the organizational structure required for a successful information security program. The difference between organizations that succeed and those that fail in this realm is usually not tied to dollars or size of staff: it is tied to the right people in the right roles. Knowledgeable and experienced information security staff with supportive and vested leadership is the key to success. The domain wraps up with ethics, which is required for successful organizations. This chapter also describes confidentiality, integrity, and availability, which together form the “CIA triad,” the cornerstone concept of information security. The CIA triad may also be described by its opposite: Disclosure, Alteration, and Destruction (DAD). Disclosure is the unauthorized disclosure of information; alteration is the unauthorized modification of data; and destruction is making systems unavailable.
Publication Year: 2010
Publication Date: 2010-01-01
Language: en
Type: book-chapter
Indexed In: ['crossref']