Proceedings of the first ACM workshop on Information security governance

It is our great pleasure to welcome you to the 1st ACM Workshop on Information Security Governance (WISG'09). The goal of this workshop is to establish a framework to drive implementation of effective information security strategies in organizations involving risk management, reporting, and accountability. Recent changes in business environment such as outsourcing, global supply chain, and cross organizational collaborations are forcing users to access and retrieve business data across organizational boundaries. This is making data governance in enterprise intractable. In addition, since emerging IT infrastructure such as cloud computing calls for storing enormous amount of confidential and sensitive information, it is imperative that these data must be appropriately handled according to the agreements. These new disruptive trends will greatly change the notions of the information security governance calling for more fine-grained, data-centric, and risk-adjusted governance models with the innovative implementation technologies. The call for papers attracted sixteen submissions from Asia, Europe, and the United States. The program committee accepted five full papers and three short papers that cover the compliance, governance, security risk, security policy and privacy issues.