Managerial perception of the information security management model of a public ICT company: prospects for evolution toward a governance model

AUTHOR(S)
PUBLICATION DATE

2007

ABSTRACT

In the globalized world of information and communication technology (ICT), the threats to information systems and computer networks make information security a key element of competitive advantage and of the success of both private and public organizations. In this context, security management takes on a key role in the strategy of recognizing risks and defining adequate controls to guarantee institutional longevity, joining the responsibility of upper management, management executives, clients and stakeholders in the definition and support of plans that can sustain the objectives of the business. Nowadays, one can note a tendency to adopt a governance structure for information security, in an effort to guarantee a substantial link to the strategic objective of sustainable growth of the enterprise. Accordingly, this study proposes to investigate the perception that the senior management of a public ICT enterprise has of information security in their line of business. This research discusses the issues of governance and management, security in the area of human resources, planning, incident management, business continuity and conformity with legal requirements. The results of this research indicate that, in spite of the existence of an information security management policy, factors such as poor strategic visibility of security by top management, partially sufficient support from upper management and partial integration between the areas to improve the level of security have been determining factors in security actions remaining isolated, indicating a need for more effective controls regarding investment in security and its result with respect to the business.

SUBJECT(S)

governance and management; knowledge management; security systems; information technology; information security; administration
