A Corporate Capital Protection and Assurance Model.

This paper introduces the concept of Corporate Capital Protection Assurance. The authors provide a holistic Corporate Capital Protection Assurance model consisting of effective due diligence controls so that any organization regardless of its size or state of maturity can provide assurance to its members and stakeholders that all relevant ‘Corporate Capital' (in the widest sense including aspects like intellectual capital, brand name, electronic assets, public opinion, trust, human capital, competitiveness etc) will be adequately protected. Corporate Capital Protection Assurance is more than information security protection of the confidentiality, integrity and availability of information. It includes the aspects mentioned above, as well as the policies, procedures, processes and human skills that must be protected. Therefore the authors have defined Corporate Capital Protection Assurance as the management commitment and leadership, with all the supporting people and structures all working together to provide for the adequate protection of the company's Corporate Capital. Thus Corporate Capital Protection Assurance entails more than information security and information security governance. It includes for e.g. the protection of a digital forensic infrastructure, aspects relating to risk management, to business continuity planning and control, to the protection of human resource information, knowledge and human resource skills, as well as the protection of information relating to policy formulation and content. All of theses aspects need to be controlled in a formalized cohesive manner so that they are aligned with the overall business strategy and culture of the organization. This model will provide a consolidated view of all these above-mentioned types of corporate capital resources that cannot alone be protected by Information Security Governance controls and yet still require that require protection. Therefore this paper will provide a consolidated view of all these types of protection that should be provided by an organization, as well as provide a detailed exposition on the creation of and use of this Corporate Capital Protection Assurance model for organizations globally. Keywords: Corporate Capital Protection and Assurance, Information Security Governance, IT Governance, Digital Forensic Governance, Corporate Governance, Project Management Governance. [ABSTRACT FROM AUTHOR]