Impact of corporate governance on information security practices in (UK) financial industry

The empirical study of this paper focuses particularly on the UK financial industry for
trends in the framework of policies in order to manage information security as operational risk and
how corporate governance plays a vital role in framing policies within the company (Poole and
CISM, 2006). The increasing dependency of UK financial industries on IT solutions and services to
manage their business processes has indirectly coupled the financial IT systems to the economic well
being of a country. This means that risks associated with such financial IT systems would have an
impact on the economic elements of a nation. As more and more UK financial industries relies on IT
solutions to manage their businesses, Information security (IS) trails are increasingly becoming a part
of general audit practices within these UK financial industries. IS and IT audit trails for risk
assessment includes a number of risk elements like data security, firewall, server, network,
application, etc. Corporate governance policies are mostly excluded from IS audits as there is no
regulated roadmap for assessment. However some companies adopted industry wide standards like
COBIT and ISO but still unregulated by government authorities. Hence this research investigates the
significance of corporate governance policies towards the development of a robust IS framework in
the financial industry. It also looks at the government authority‘s role as a watchdog.

Citation:
Kala Sethupathy, D.S., Preston, D. and Imafidon, C.O. (2010) ‘Impact of corporate governance on information security practices in (UK) financial industry.’, Proceedings of Advances in Computing and Technology, (AC&T) The School of Computing and Technology 5th Annual Conference, University of East London, pp.135-142..