CII::SS >>> Information Risk Management


About CII	SecureSynergy: ISO27001 certified company

IRM HOME


	Introduction

	Services
	- Consulting
	- Training

	Newsletter

	News

	Security Library

	InfoSec Glossary

	Contact / Feedback

AUDIT FACILITATION

Vet an Indian company

END-USER CERTIFICATION

Certified Information Security Aware User (CISAU)

CII HOME


Other CII Services
::	WTO
::	TQM
::	TPM
::	Technology & IPR
::	SME
::	Skills Initiative
::	Library
::	IRM
::	Invest India Services
::	Green Business
::	Exports
::	Environment Mgmt
::	Energy
::	Corporate Advisory
::	Climate Change
::	Business Development Services

IT Security Governance

CII recognises that information has emerged as the primary driver for economic wealth in the 21st century. Similarly, in business, information has become as critical as financial resources and mandates the same level of commitment to its management as that of financial supervision.

IT has attained new importance in an increasingly networked marketplace. The complexity, speed, interconnectivity and globalisation of business activities have made IT strategic to enterprise growth; essential for enterprise survival. Given the importance of IT in business, its effective governance has become crucial, due to the impact that IT can have on shareholder value.

While IT generates many direct and indirect benefits, it also brings with it the potential for causing harm. IT assets are subject to harm from threats and vulnerabilities; which can result in loss, inaccessibility, alteration, or wrongful disclosure of information assets through hackers, malicious code attacks, etc. The gap between the degree of management required and the degree of management actually applied, directly affects the overall performance of the enterprise, and therefore, shareholder value.

CII shall play an advisory role in creating awareness about the various aspects of IT Governance and IT Security Governance amongst the Board of Directors of Indian companies through a series of seminars, newsletters, mailers, pamphlets, etc. The specific areas of focus are given below.

IT Governance

Comprehending the relevance of IT governance as a component of corporate governance to achieve the business mission with optimal utilisation of resources.

Addressing the dependability on IT assets for enabling business processes, as well as for continuity of business operations in the face of contingencies.

Understanding the objectives of IT governance, which are:-

:: Strategic alignment of IT assets with business mission

:: Accountability to shareholders and other stakeholders, by adding value to business bottom lines through IT

:: Monitoring of enterprise IT asset management

IT Security Governance
	Generating awareness that when insufficient controls are applied to IT related risks, the impact can be so adverse as to threaten the very survival of an enterprise

	Realising that management of IT related risks is an IT Governance issue, rather than an issue to be addressed by the IT security management at a tertiary level in the organisation

	Understanding that budgetary provisions for IT security should be considered at Board level

	Appreciating how criticality of information security, along with the need for making substantial investments, has made IT security governance a key component of IT governance and corporate governance

Information Security - A Business Enabler

IRM - A BPO Imperative

Standards & Regulatory Compliance

Information Risk Management (IRM) Service for Industry

in partnership with SecureSynergy

IT SECURITY TRAINING

CII has designed courses for Board of Directors, CEOs, CFOs, CIOs and Management Decision Makers in areas affecting IT Security Governance and implementation of enterprise-wide security programs.

::. MUST READ .::

Role of IT in Corp Governance

IT Security Governance

Information Security - A Business Enabler

IRM - A BPO Imperative

Say yes to
S T A N D A R D S & R E G U L A T O R Y
C O M P L I A N C E
Regulation establishes security duties and standards to foster better governance...