• DocumentCode
    3263069
  • Title

    Information security management metrics development

  • Author

    Herrera, Sven Olof Sandström

  • fYear
    2005
  • fDate
    11-14 Oct. 2005
  • Firstpage
    51
  • Lastpage
    56
  • Abstract
    It is commonly accepted that you cannot improve what you can not measure. This concept is applicable to almost all the departments of an organization (financial, production, human resources, quality, etc.). However, in a lot of organizations the information system area, and more concretely the information security area, does not base its decisions on quantifiable, measurable, comparable and contrastable data, but on the experience of its managers. It is essential for an organization to place indicators for obtaining information on the information security control´s effectiveness, so that problems can be detected as soon as possible.
  • Keywords
    information management; security of data; information security area; information security control; information security management metrics development; information system area; Environmental management; Humans; ISO standards; Information management; Information security; Management information systems; Production; Proportional control; Risk management; Standards organizations;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security Technology, 2005. CCST '05. 39th Annual 2005 International Carnahan Conference on
  • Print_ISBN
    0-7803-9245-0
  • Type

    conf

  • DOI
    10.1109/CCST.2005.1594818
  • Filename
    1594818
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3263069