The Information System Security Governance Tasks in Small and Medium Enterprises
Heinrihs Kristians Skrodelis, Jūlija Strebko, Andrejs Romānovs
Abstract
Information Technology (IT) has become the backbone of Small and Medium Enterprises (SME) since it is crucial to their everyday activities and development. Such dependency on IT also provides certain risks [1], therefore there is a need for Enterprise Governance of IT (EGIT) and Information System security implementation. Many frameworks, including one of the most popular - COBIT, provides the structure and the best practice for such implementation. EGIT implementation often requires plenty of IT resources which SME lack, thus some recommendations and guidance are needed. The research is addressing the lack of support for the information security implementation of the COBIT framework in Small and Medium Enterprises (SME).