Abstract
This article first reviews the major IT governance frameworks and then discusses the case study of a multinational enterprise. A problem and gap analysis employing an information security management systems (ISMS) compliance approach is performed via the establishment and evaluation of the company's statement of applicability (SOA) according to ISO 27001. The article concludes with recommendations for how the company can address the gaps in its ISMS and achieve security compliance in its IT governance.
Get full access to this article
View all access options for this article.