Höne, KEloff, JHP2010-09-292010-09-292009Höne, K and Eloff, JHP. 2009. Information security governance: business requirements and research directions. Corporate Ownership & Control, Vol. 7(1), pp 309-317http://hdl.handle.net/10204/4408Copyright: Virtus InterpressWorld wide the importance of Information Security Governance is demanding the attention of senior management. This is due to the ever-changing threat landscape requiring that organisations adopt a focussed approach towards the protection of information assets. Any successful approach towards Information Security Governance is dependant on the availability of relevant and timely research outputs. The research community working on Information Security Governance are diverse and appears to be mis-aligned with the needs of the business community. The problem that this paper addresses is twofold. Firstly, it addresses the confusion regarding the meaning of Information Security Governance. Secondly, it assesses the gap between research and business communities from an Information Security Governance perspective. This article analyses the requirements from the business community and mapped it against current research outputs. Findings clearly indicate that the two worlds are not entirely aligned and that in some cases minimum effort is being spent on the topics deemed important by the business community. Information Security Governance in general can benefit from an improved alignment between the needs of business and the outputs of the research community.enSecurity governanceInformation securityArticleHöne, K., & Eloff, J. (2009). Information security governance: business requirements and research directions. http://hdl.handle.net/10204/4408Höne, K, and JHP Eloff "Information security governance: business requirements and research directions." (2009) http://hdl.handle.net/10204/4408Höne K, Eloff J. Information security governance: business requirements and research directions. 2009; http://hdl.handle.net/10204/4408.TY - Article AU - Höne, K AU - Eloff, JHP AB - World wide the importance of Information Security Governance is demanding the attention of senior management. This is due to the ever-changing threat landscape requiring that organisations adopt a focussed approach towards the protection of information assets. Any successful approach towards Information Security Governance is dependant on the availability of relevant and timely research outputs. The research community working on Information Security Governance are diverse and appears to be mis-aligned with the needs of the business community. The problem that this paper addresses is twofold. Firstly, it addresses the confusion regarding the meaning of Information Security Governance. Secondly, it assesses the gap between research and business communities from an Information Security Governance perspective. This article analyses the requirements from the business community and mapped it against current research outputs. Findings clearly indicate that the two worlds are not entirely aligned and that in some cases minimum effort is being spent on the topics deemed important by the business community. Information Security Governance in general can benefit from an improved alignment between the needs of business and the outputs of the research community. DA - 2009 DB - ResearchSpace DP - CSIR KW - Security governance KW - Information security LK - https://researchspace.csir.co.za PY - 2009 T1 - Information security governance: business requirements and research directions TI - Information security governance: business requirements and research directions UR - http://hdl.handle.net/10204/4408 ER -