A security management assurance model to holistically assess the information security posture
Détails
ID Serval
serval:BIB_3B33D09053A4
Type
Actes de conférence (partie): contribution originale à la littérature scientifique, publiée à l'occasion de conférences scientifiques, dans un ouvrage de compte-rendu (proceedings), ou dans l'édition spéciale d'un journal reconnu (conference proceedings).
Collection
Publications
Institution
Titre
A security management assurance model to holistically assess the information security posture
Titre de la conférence
Proceedings of the 4th international conference on Availability, Reliability and Security (ARES 2009)
Editeur
IEEE
Adresse
Fukuoka, Japan
ISBN
978-1-4244-3572-2
Statut éditorial
Publié
Date de publication
03/2009
Peer-reviewed
Oui
Pages
756-761
Langue
anglais
Résumé
Managing information security within an organization is becoming a very complex task. The information security posture assessment is performed by using frameworks, methodologies or standards considering the subject separately. The model proposed within the paper aims to holistically consider all the security dimension. This is because the security level is as strong as the weakest link is. In order to minimize the likelihood that a given threat takes advantage of the weakest link a formalized structure taking into account all security elements is needed. The proposed model is based on and integrates some security best practices and standards in order to define an assured Information Security Categorization. From this point, an assessment process should be performed, giving the evidence that the information security within a given organization, is thoroughly managed.
Mots-clé
Information Security Management, Information Security Assurance, Information Security Trust, Assessment model
Web of science
Site de l'éditeur
Création de la notice
17/06/2010 14:23
Dernière modification de la notice
20/08/2019 13:31