Download

Download eBook for Free

Full Document

FormatFile SizeNotes
PDF file 1.2 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

Summary Only

FormatFile SizeNotes
PDF file 0.4 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

Purchase

Purchase Print Copy

 FormatList Price Price
Add to Cart Paperback37 pages $18.00 $14.40 20% Web Discount

This report, prepared for and funded by the Information Assurance Advisory Council, analyzes the relationship between corporate governance and information assurance. The study examines the ways in which information assurance can be embedded into corporate risk management processes in the changing corporate governance environment. Corporate governance now calls for effective management of risks but board-level awareness is not yet being translated into effective controls. This study outlines the ways in which information assurance can be embedded into corporate risk management practices and how companies can be incentivized to adopt good practices.

Table of Contents

  • Chapter One

    Introduction

  • Chapter Two

    Corporate Governance & Risk Management

  • Chapter Three

    Information Assurance: Managing Information Age Risk

  • Chapter Four

    Elements of Corporate Information Risk Management

  • Chapter Five

    Incentivising the Board

  • Chapter Six

    Recommendations

  • Appendix

    International Perspectives

Research conducted by

The research reported here was sponsored by The Information Assurance Advisory Council (IAAC). Further information may be found at their website: www.iaac.org.uk.

This report is part of the RAND Corporation monograph report series. The monograph/report was a product of the RAND Corporation from 1993 to 2003. RAND monograph/reports presented major research findings that addressed the challenges facing the public and private sectors. They included executive summaries, technical documentation, and synthesis pieces.

Permission is given to duplicate this electronic document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. For information on reprint and linking permissions, please visit the RAND Permissions page.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.