Show the Way to Information Security Governance for Universities in Taiwan

Abstract:

This study used a questionnaire survey to investigate the maturity of information security governance (ISG). The main objectives are to assess that maturity, explore the factors concerned, provide a path analysis of maturity, and show the way to ISG. Questionnaires were sent to the CIOs of 71 schools, and 68 were returned. The effective sample return rate is 95.8%. In order to improve the maturity of ISG for universities, this study looks for the factors relevant to maturity. Using an assessment tool to explore an overall security evaluation rating approach, this study finds that schools with a low maturity rating account for 39.7%, schools with a medium rating for 33.8%, and schools with a high rating for 26.5%. With discriminant analysis, the maturity of ISG can be distinguished into low, medium, and high ratings. With correlation analysis, this study finds that 31 items have significant correlation. With analysis of variance (ANOVA), a post hoc range test and the ANOVA multiple comparison least significant difference (LSD) test are used to confirm that there are significant differences between the items of the maturity of ISG. This study also finds security management problems that stem from relying too heavily on IT. In particular, their maturity of ISG is lower, and the items in the risk management aspect are very low.

Pages: 2199-2203

Online since: January 2013

Copyright: © 2013 Trans Tech Publications Ltd. All Rights Reserved
