Kearney, W.D.Kruger, H.A.2014-07-212014-07-212013Kearney, W.D. & Kruger, H.A. 2013. A framework for good corporate governance and organisational learning: an empirical study. International journal of cyber-security and digital forensics (IJCSDF), 2(1):36-47. [http://sdiwc.net/security-journal/]2305-0012http://hdl.handle.net/10394/10894http://sdiwc.net/digital-library/request.php?article=66f1cbf8f84cad38a658f471de58f7a8http://sdiwc.net/digital-library/a-framework-for-good-corporate-governance-and-organisational-learning--an-empirical-studyThe importance of applying good governance principles has grown over the past decade and many studies have been performed to investigate the role and impact of such principles. One of the difficulties in the governance arena is to provide sufficient empirical evidence that good corporate governance and good governance of information technology is beneficial. This paper describes a framework, based on a value-focused approach, which is used to identify unique dimensions for evaluation in a large organisation. Following the evaluation a practical phishing experiment was used to show how a learning process can be initiated through security incidents and how organisational learning can be used to focus on the improvement of specific governance areas.enCorporate governancegovernance of information technologyvalue-focused approachphishingsocial engineeringsecurity awarenessorganisational learningArticle