From the reviews:

"The authors of this book are known to researchers in information technology security ... . This book is a short introduction to information security governance. ... The book gives managers a quick overview of what this term, 'information security governance,' is about and serves as a reference for managers. The book might also be useful for university courses that only touch on the subject, at an introductory level. ... The book is well written, easy to read, and has clear benefits for the reader." (Edgar R. Weippl, ACM Computing Reviews, June, 2009)

An Introduction to Corporate Governance.- Information Technology Governance.- Information Security and Information Security Governance.- Introducing the Information Security Governance Model.- The Use of Best Practice Standards and Guidelines in Information Security Governance.- The Direct Part of the Model #x2013; An Information Security Policy Architecture.- The Control Part of the Model #x2013; An Information Security Compliance Management Environment.- IT Risk Management.- Organizing the Information Security Function.- Information Security Education, Training and Awareness.- A Methodology for Establishing an Information Security Governance Environment.

IT Security governance is becoming an increasingly important issue for all levels of a company. IT systems are continuously exposed to a wide range of threats, which can result in huge risks that threaten to compromise the confidentiality, integrity, and availability of information. This book will be of use to those studying information security, as well as those in industry.

Key Features:

• The book provides a point of entry into the subject with an easy-to-understand model of Information Security Governance
• Book addresses information security from the governance side, with special emphasis on the accountability of top management
• Ideal for the professional market as it discusses some international best practices for IT Security Governance in detail