Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Note

Governing for Enterprise Security

  • June 2005
  • By Julia H. Allen
  • In this 2005 report, Julia Allen examines governance thinking, principles, and approaches and applies them to the subject of enterprise security.
  • Publisher: Software Engineering Institute
    CMU/SEI Report Number: CMU/SEI-2005-TN-023
  • Abstract

    Governing for enterprise security means viewing adequate security as a non-negotiable requirement of being in business. If an organizations management—including boards of directors, senior executives, and all managers—does not establish and reinforce the business need for effective enterprise security, the organizations desired state of security will not be articulated, achieved, or sustained. To achieve a sustainable capability, organizations must make enterprise security the responsibility of leaders at a governance level, not of other organizational roles that lack the authority, accountability, and resources to act and enforce compliance.  

    This technical report examines governance thinking, principles, and approaches and applies them to the subject of enterprise security. Its primary intent is to increase awareness and understanding of the issues, opportunities, and possible approaches related to treating security as a governance concern. In addition, this report identifies resources for enterprise security that leaders can use both within their organizations and with their networked partners, suppliers, and customers.

  • Download

Cite This Report

SEI

Allen, Julia. Governing for Enterprise Security. CMU/SEI-2005-TN-023. Software Engineering Institute, Carnegie Mellon University. 2005. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7453

IEEE

Allen. Julia, "Governing for Enterprise Security," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2005-TN-023, 2005. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7453

APA

Allen, Julia. (2005). Governing for Enterprise Security (CMU/SEI-2005-TN-023). Retrieved July 30, 2016, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7453

CHI

Julia Allen. Governing for Enterprise Security (CMU/SEI-2005-TN-023). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2005. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7453

MLA

Allen, Julia. 2005. Governing for Enterprise Security (Technical Report CMU/SEI-2005-TN-023). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7453

BibTex

@techreport{AllenGoverningfor2005,
title={Governing for Enterprise Security},
author={Julia Allen},
year={2005},
number={CMU/SEI-2005-TN-023},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7453} }