Information Security Governance Bibliography

Developing better Information Security Governance.

Our Information Security Governance Bibliography contains references to both academic conference and journal papers on security governance only. You can find bibliographies on security management and security culture in our other sections.

While we included some corporate governance papers, we are concentrating in this bibliography on security governance at lower levels of the organisation, not corporate security governance. If you are looking for more papers on relevant corporate governance issues or IT governance issues, you will find those references in our papers. Please let us know if you know of a reference that you think we should include!

    Dhillon, G. and Mishra, S. (2007) Information Systems Security Governance Research: A Behavioral Perspective. 2nd Annual Symposium on Information Assurance. New York State.
    Dhillon, G., Tejay G. and Hong W. (2007) Identifying Governance Dimensions to Evaluate Information Systems Security in Organizations. 40th Annual Hawaii International Conference on System Sciences HICSS 2007.
    Dhillon, G. and Mishra, S. (2006) The Impact of Sarbanes-Oxley Act on Information Security Governance. In Enterprise Information Systems Assurance and Systems Security: Managerial and Technical Issues. Eds Warkentin, M. and Vaughn, R. Hershey PA, Idea Group Publication.
    IT Governance Institute. (2006) Information Security Governance: Guidance for Boards of Directors and Executive Management, 2nd Edition (Not really an academic paper)
    Koh K., Ruighaver AB, Maynard SB & Ahmad A. (2005) Security governance: Its impact on security culture. In CV Valli & A Woodward (eds), Proceedings of 3rd Australian Information Security Management Conference, 1-13. Perth, Australia: School of Computer and Information Science, Edith Cowan University.
    Lindup, K. (1996) The role of Information security in Corporate Governance. Computers and Security (15) 477-485
    Moulton, R. and Coles, R.S. (2003) Applying Information Security Governance. Computers and Security (22:7) 580-584
    Posthumus, A and Solms, R.V. (2004) A framework for the Governance of Information Security. Computers and Security (23) 638-646
    Solms B. (2001) Corporate Governance and Information Security. Computers and Security (20:3) 215-218.
    Tan CCT & Ruighaver AB. (2004) Developing a framework for understanding security governance, In BH Hutchinson & CV Valli (eds), 2nd Australian Information Security Management Conference 2004 - Conference Proceedings. 1-11. Churchlands, Australia: Edith Cowan University.
    Tan CCT & Ruighaver AB . (2005) A framework for investigating the development of security strategy context in organisations, In G Pye & M Warren (eds), Conference Proceedings of the 6th Australian Information Warfare & Security Conference: Protecting the Australian Homeland . 216-226. Geelong, Australia: School of Information Systems, Deakin University.
    Tan CCT & Ruighaver AB. (2005) Understanding the scope of strategic context in security governance, In B Cusack (ed), IT Audit: A Strategic Foundation for Corporate Governance, 65-77. Auckland, New Zealand: School of Computer & Information Science, Auckland University of Technology.

    Security tutorials
    Free resources

    Affordable web hosting
    and reliable

    Bumper stickers
    Funny stickers