Welcome to the InfoSci Platform
Reference Hub2
Exploring Information Security Governance in Cloud Computing Organisation

Exploring Information Security Governance in Cloud Computing Organisation

Hemlata Gangwar, Hema Date
Copyright: © 2015 |Volume: 2 |Issue: 1 |Pages: 18
ISSN: 2327-7483|EISSN: 2327-7491|EISBN13: 9781466680692|DOI: 10.4018/ijamse.2015010104
Cite Article Cite Article

MLA

Gangwar, Hemlata, and Hema Date. "Exploring Information Security Governance in Cloud Computing Organisation." IJAMSE vol.2, no.1 2015: pp.44-61. http://doi.org/10.4018/ijamse.2015010104

APA

Gangwar, H. & Date, H. (2015). Exploring Information Security Governance in Cloud Computing Organisation. International Journal of Applied Management Sciences and Engineering (IJAMSE), 2(1), 44-61. http://doi.org/10.4018/ijamse.2015010104

Chicago

Gangwar, Hemlata, and Hema Date. "Exploring Information Security Governance in Cloud Computing Organisation," International Journal of Applied Management Sciences and Engineering (IJAMSE) 2, no.1: 44-61. http://doi.org/10.4018/ijamse.2015010104

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

The paper reveals factors impacting information security governance within the cloud computing technology implementation in organizations. Case study methodology was used and 15 semi-structured interviews were conducted with directors and information security professionals from 5 different types of organizations. The main component that were identified as playing a significant role in information security governance were: information security strategy, security policies and procedure, risk management and assessment program, compliance and standard, monitoring and auditing, business continuity and disaster recovery, asset management and access control and identity management. The results show that awareness through education and training of employees needs to be given very particular attention in cloud computing security. The paper does not include any end-user perspective in interviews and this end-user context is missing. Companies need to focus upon awareness through education and training of employees. Moreover, management and employee support is the critical component of the effective information security governance framework implementation. Also, organisations should develop their information security using a very precise and detailed planning process that ensures the right cloud computing acceptance by the users. The proposed information security governance framework offers organisations a holistic perspective for governing information security, and minimizes risk and cultivates an acceptable level of information security culture.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.