CHAPTER 3: Compliance with Standards, Regulations, and Laws

Information security governance has been characterized as the fourth wave of security management. The first wave was technical in nature, the second wave was managerial, the third wave was institutional, and the fourth wave is about governance. Everyone involved with information security, from the board of directors and the chief executives to information technology and information security professionals and the employees of the organization, must be concerned with information security governance.
The typical driver of information security governance is the prevention of financial fraud through the manipulation of an organization’s electronic data. Attempts to prevent abuse ...
