Abstract
To ensure the likely success of an organisation’s Information Security Governance, discipline
leaders recommend that organisations follow the guidelines as set out in Information Security
Governance best practice documents. Best practices and related documents from the
Information Security Governance discipline, as well as best practices and related documents
from the Corporate Governance and Information Technology Governance disciplines, all
include sections pertaining to Information Security, Information Security Governance and
Information Technology assets. This study puts these sections together, and constructs an
Information Security Governance model that combines all aspects of Information Security
Governance. In theory, this model should guide an organisation to the ultimate level of
Information Security Governance.
Prof. S. H. von Solms