[摘要] ENGLISH ABSTRACT: Enterprise mobility is emerging as a megatrend in the business world. Numerousrisks originate from using mobile devices for business-related tasks and most ofthese risks pose a significant security threat to organisations' information.Organisations should therefore apply due care during the process of governing thesignificant enterprise mobility security risks to ensure an effective process to mitigatethe impact of these risks.Information technology (IT) governance frameworks, -models and -standards canprovide guidance during this governance process to address enterprise mobilitysecurity risks on a strategic level. Due to the existence of the IT gap these risks arenot effectively governed on an operational level as the IT governance frameworks,-models and -standards do not provide enough practical guidance to govern theserisks on a technical, operational level.This study provides organisations with practical, implementable guidance to applyduring the process of governing these risks in order to address enterprise mobilitysecurity risks in an effective manner on both a strategic and an operational level.The guidance given to organisations by the IT governance frameworks, -models and-standards can, however, lead to the governance process being inefficient andcostly. This study therefore provides an efficient and cost-effective solution, in theform of a short list of best practices, for the governance of enterprise mobilitysecurity risks on both a strategic and an operational level.