CBC 2012 - Book Title: IT Security Governance Innovations: Theory and Research

Book Title:
IT Security Governance Innovations: Theory and Research


Editors:
Dr. Daniel Mellado, Spanish Tax Agency, Spain
Dr. Luis Enrique Sánchez, University of Castilla-La Mancha, Spain
Dr. Eduardo Fernandez-Medina, University of Castilla-La Mancha, Spain
Dr. Mario Piattini, University of Castilla-La Mancha, Spain


Call for Chapters:
Proposals Submission Deadline: July 9, 2011 (extended)
Notification of Acceptance: July 15, 2011
Full Chapters Due: August 30, 2011


Introduction
IT security can no longer be considered as a technical issue, but it is a process that involves the whole company. It is widely accepted that security needs to reach the governance level so that senior directors understand the risks and the opportunities, and have assurance that these are being properly and continuously managed.
This relevant role assumption has caused the development of a lot of initiatives (frameworks, standards, etc.) in the last few years to foster IT Governance inside any corporation, such as CobiT or ISO/IEC standards (ISO/IEC 27000, ISO/IEC 38500…). From a global perspective, this diversity, also found in the context of security technical issues, has made us consider its application as a very complex and hard process to understand with a very difficult implantation curve.
In order to facilitate the adoption of IT Security Governance by the different types of organizations, the objective of this book is to compile existing approaches, standards, best practices and new trends in IT Security Governance. The book will highlight the main contributions and characteristics of each one. From the theoretical and practical perspectives, this book is intended to address security during the whole IT Security Governance implantation lifecycle. From IT risk-based security goals and policies up to IT security governance tools and metrics implemented by most sound IT security standards or guidelines for each specific scenario. This book would also help managers to be aware of limitations of current approaches and the gaps which need to be covered in order to achieve a complete integration of the security governance within the global governance.

Objective of the Book
This book aims to provide a theoretical and academic description of IT security governance issues, and practical and useful guidelines, standards, models and frameworks for implementing IT security governance in organizations.
This is focused to the following:
Introduction to the concepts of IT Governance and IT Security Governance
Security necessities, requirements, goals, challenges, trends and opportunities of IT Security Governance
IT Security Governance standards and best practices
Risk management, architectures, frameworks and methodologies for IT Security Governance
IT Security Governance of new technological approaches and recent advances and approaches of IT security governance
IT Security Governance indicators, metrics and tools
IT Security Governance in case studies

Target Audience
The proposed book could serve as a reference for CEOs and CIOs, security managers, systems specialists, systems architects, security developers, information security professionals and computer science students.


Recommended Topics for Chapter Proposals

Recommended topics include, but are not limited to, the following:
Security necessities, requirements, goals, challenges, trends and opportunities of IT Security Governance
IT Security Governance legal issues (Sarbanes-Oxley, Basel II, Directive 95/46/EC, etc.)

IT Governance proposals
IT Security Governance and Security standards and best practices (ISO 27000, ISO 38500, COBIT, Val-IT, ITIL, COSO, etc.)
Risk management, architectures, frameworks and methodologies for IT Security Governance
Auditing IT Security Governance
IT Security Governance of new technological approaches (SOA, cloud computing, mobile software, agile software development, free software, etc.)
Recent advances and approaches of IT security governance
Security metrics
IT Security Governance indicators, metrics and scoreboards
Support tools to IT Security Governance
Measuring Economics of IT Security Governance
ROI of IT Security Governance
IT Security Governance implantation models
IT Security Governance in cases studies, real applications, implementations in different type of organizations, and failures.
IT Security Governance in e-Government


Submission Procedure
Researchers and Professionals are invited to submit on or before July 9, 2011 a 2-3 page chapter proposal clearly explaining the purpose, objective or focus of their proposed chapter. Authors of accepted proposals will be notified by July 15, 2011 about the status of their proposals and chapter guide lines will be sent.

Full chapters are expected to be submitted by August 30, 2011. All submitted chapters will be subjected to double-blind review.

Publisher
This book is scheduled to be published by IGI Global (formerly Idea Group Inc.), publisher of the “Information Science Reference” (formerly Idea Group Reference), “Medical Information Science Reference,” “Business Science Reference,” and “Engineering Science Reference” imprints. For additional information regarding the publisher, please visit http://www.igi-global.com/authorseditors/authoredi... . This publication is anticipated to be released in 2012.


Important Dates
July 9, 2011 (extended): Proposal Submission Deadline
July 15, 2011: Notification of Acceptance
August 30, 2011: Full Chapter Submission
November 15, 2011: Review Results Returned
February 10, 2012: Final Chapter Submission
March 15, 2012: Final Deadline


Inquiries and submissions can be forwarded electronically (Word document):
Dr. Daniel Mellado
University of Castilla - La Mancha
Spanish Tax Agency, IT Auditing Unit (Madrid, Spain)
Email: damefe-AT-esdebian.org