A security management assurance model to holistically assess the information security posture

Details

Serval ID
serval:BIB_3B33D09053A4
Type
Inproceedings: an article in a conference proceedings.
Collection
Publications
Institution
Title
A security management assurance model to holistically assess the information security posture
Title of the conference
Proceedings of the 4th international conference on Availability, Reliability and Security (ARES 2009)
Author(s)
Ghernaouti-Hélie S., Tashi I.
Publisher
IEEE
Address
Fukuoka, Japan
ISBN
978-1-4244-3572-2
Publication state
Published
Issued date
03/2009
Peer-reviewed
Oui
Pages
756-761
Language
english
Abstract
Managing information security within an organization is becoming a very complex task. The information security posture assessment is performed by using frameworks, methodologies or standards considering the subject separately. The model proposed within the paper aims to holistically consider all the security dimension. This is because the security level is as strong as the weakest link is. In order to minimize the likelihood that a given threat takes advantage of the weakest link a formalized structure taking into account all security elements is needed. The proposed model is based on and integrates some security best practices and standards in order to define an assured Information Security Categorization. From this point, an assessment process should be performed, giving the evidence that the information security within a given organization, is thoroughly managed.
Keywords
Information Security Management, Information Security Assurance, Information Security Trust, Assessment model
Web of science
Create date
17/06/2010 14:23
Last modification date
20/08/2019 13:31
Usage data