Title :
Measuring Effectiveness of Information Security Management
Author :
Hong-li Liu ; Ying-ju Zhu
Author_Institution :
Sch. of Bus., East China Univ. of Sci. & Technol., Shanghai, China
Abstract :
Measurements are tools designed to facilitate decision making and improve performance and accountability through collecting, analyzing, and reporting related data. ISO/IEC 27002 provides us with information security controls that will be used for getting security measures. This paper presents some operational measures based on departments in relation to information security, in order to facilitate the decision making and to improve information security management in different departments and across the organization. In addition, process of measuring information security management effectiveness is proposed.
Keywords :
DP management; decision making; organisational aspects; security of data; ISO-IEC 27002; decision making; information security controls; information security management; Data security; Decision making; IEC standards; ISO standards; Information management; Information security; Management information systems; Performance analysis; Process control; Technology management;
Conference_Titel :
Computer Network and Multimedia Technology, 2009. CNMT 2009. International Symposium on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5272-9
DOI :
10.1109/CNMT.2009.5374634
