• DocumentCode
    2109324
  • Title

    Information Security Management is Not Only Risk Management

  • Author

    Tashi, Igli ; Solange Ghernouti-Helie

  • Author_Institution
    Univ. of Lausanne, Lausanne
  • fYear
    2009
  • fDate
    24-28 May 2009
  • Firstpage
    116
  • Lastpage
    123
  • Abstract
    The paper considers and discusses two closely related concepts and process, namely risk management and security management. Practically, there is a tendency to consider risk management as a plenty process capable to protect information assets. Based on the literature and international standards, the paper gives an overview of all the aspects and activities related to both processes. risk management and security management are analyzed in order to point out their particularities and similitudes. The paper aims to clarify both concepts focusing on an operational, organizational and conceptual point of view by explaining which are the differences and why these two process can not been conceived or operated separately.
  • Keywords
    information management; risk management; security of data; information asset protection; information security management; international standards; risk management; Conference management; Environmental economics; Environmental management; Information management; Information security; Internet; Monitoring; Protection; Risk analysis; Risk management; Complex Environments; IS Management effectiveness and efficiency.; ISMS components; Information Security (IS) Management; Risk Management; Risk analysis;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Internet Monitoring and Protection, 2009. ICIMP '09. Fourth International Conference on
  • Conference_Location
    Venice/Mestre
  • Print_ISBN
    978-1-4244-3839-6
  • Electronic_ISBN
    978-0-7695-3612-5
  • Type

    conf

  • DOI
    10.1109/ICIMP.2009.31
  • Filename
    5076359
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2109324