IT Governance, Risk, and Compliance

Dec 27 2012   1:31AM GMT

eBook excerpt: Assuring Information Security – Part V

Robert Davis Robert Davis Profile: Robert Davis

1.1 Control Environment

“…culture determines the behaviour of people in an organisation and should, therefore, be used to influence the behaviour of people with regard to information security.” – Kerry-Lynn Thomson and Rossouw von Solms

Most entities operate in an environment that is influenced by perceived stakeholder values; the entity’s mission, vision and values; community and organizational ethics and culture; applicable laws, regulations and policies; as well as industry practices.  When interacting with the environment, organizational units endeavor to maintain their basic culture while attempting to control external and internal factors impacting programs, systems, and processes dedicated to pursuing the entity’s mission.  In systems theory, this characteristic is known as dynamic homeostasis.  Contextually, ‘dynamic’ means that homeostasis is achieved even though the system is in a constant state of variable activity.  Consequently, in response, organizational units generally rely on adaptive processes for appropriate responses to cope with changing environmental circumstances.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: