Title :
A Security Management Assurance Model to Holistically Assess the Information Security Posture
Author :
Tashi, Igli ; Ghernaouti-Helie, S.
Author_Institution :
Fac. of Bus. & Econ., Univ. of Lausanne, Lausanne
Abstract :
Managing information security within an organization is becoming a very complex task. The information security posture assessment is performed by using frameworks, methodologies or standards considering the subject separately. The model proposed within the paper aims to holistically consider all the security dimension. This is because the security level is as strong as the weakest link is. In order to minimize the likelihood that a given threat takes advantage of the weakest link a formalized structure taking into account all security elements is needed. The proposed model is based on and integrates some security best practices and standards in order to define an assured Information Security Categorization. From this point, an assessment process should be performed, giving the evidence that the information security within a given organization, is thoroughly managed.
Keywords :
security of data; information security management; information security posture assessment; security management assurance model; Availability; Best practices; Business continuity; Conference management; IEC standards; ISO standards; Information management; Information security; Investments; Protection;
Conference_Titel :
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-3572-2
Electronic_ISBN :
978-0-7695-3564-7
DOI :
10.1109/ARES.2009.28
