• DocumentCode
    1923933
  • Title

    A Security Management Assurance Model to Holistically Assess the Information Security Posture

  • Author

    Tashi, Igli ; Ghernaouti-Helie, S.

  • Author_Institution
    Fac. of Bus. & Econ., Univ. of Lausanne, Lausanne
  • fYear
    2009
  • fDate
    16-19 March 2009
  • Firstpage
    756
  • Lastpage
    761
  • Abstract
    Managing information security within an organization is becoming a very complex task. The information security posture assessment is performed by using frameworks, methodologies or standards considering the subject separately. The model proposed within the paper aims to holistically consider all the security dimension. This is because the security level is as strong as the weakest link is. In order to minimize the likelihood that a given threat takes advantage of the weakest link a formalized structure taking into account all security elements is needed. The proposed model is based on and integrates some security best practices and standards in order to define an assured Information Security Categorization. From this point, an assessment process should be performed, giving the evidence that the information security within a given organization, is thoroughly managed.
  • Keywords
    security of data; information security management; information security posture assessment; security management assurance model; Availability; Best practices; Business continuity; Conference management; IEC standards; ISO standards; Information management; Information security; Investments; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2009. ARES '09. International Conference on
  • Conference_Location
    Fukuoka
  • Print_ISBN
    978-1-4244-3572-2
  • Electronic_ISBN
    978-0-7695-3564-7
  • Type

    conf

  • DOI
    10.1109/ARES.2009.28
  • Filename
    5066559
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1923933