Abstract :
The security and integrity of information systems is a critical issue within most types of organizations. Finding better ways to address the topic is the objective of many in industry, academia, and government. One of the more effective approaches gaining popularity in addressing these issues is the use of standard knowledge representations, enumerations, exchange formats and languages, as well as sharing of standard approaches to key compliance and conformance mandates. By standardizing and segregating the interactions amongst their operational, development and sustainment tools and processes organizations gain great freedom in selecting technologies, solutions and vendors. These ldquomaking security measurablerdquo initiatives provide the foundation for answering todaypsilas increased demands for accountability, efficiency and interoperability without artificially constraining an organizationpsilas solution options.
Keywords :
knowledge representation; security of data; conformance mandates; information systems security; knowledge representations; making security measurable initiatives; Automation; Computer security; Current measurement; Government; Information analysis; Information security; Measurement standards; Standardization; Systems engineering and theory; Technology management;
