22 March 2004

Managing Risk of Security Governance - A Series

By Peter L. Higgins
Managing Director
1SecureAudit

In the converging world of both information and physical security there is a new risk element managing “Security Governance”.

The ethics and issues surrounding the business world of Corporate Governance since Enron and WorldCom has been center stage. Now the ethics and human behaviors of the security and intelligence community are stealing the headlines in light of Richard Clarke’s recent memoir of his counterterrorism days at the White House. Clarke is chairman of Good Harbor Consulting LLC based outside Washington, DC and has recently published his new book about his opinions on terrorism.

Questionable ethics should be raised about the former security tsar and his motivations for the book, his comments on CBS 60 Minutes and through other media. It’s about time we wave a red flag when the poor governance of business spills over to the governance of security. It seems that the name of his new book, “Against All Enemies” is appropriate as he takes aim at his former bosses in the last few presidential administrations.

Security Governance is a discipline that all of us need to revisit and rededicate ourselves to. The policies and codes we stand by to protect our critical assets should not be compromised for any reasons. More importantly, security governance frameworks must make sure that the management of a business or government entity be held accountable for their respective performance. The stakeholders must be able to intervene in the operations of management when these security ethics or policies are violated. Security Governance is the way that corporations or governments are directed and controlled. A new element that has only recently been discovered is the role of risk management in Security Governance.

More in this series over the next few weeks.

No comments:

Post a Comment