Information security measurement infrastructure for KPI visualization

Author

Hajdarevic, Kemal ; Pattinson, Colin ; Kozaric, Kemal ; Hadzic, Amela

Author_Institution

Fac. of Electr. Eng., Univ. of Sarajevo, Sarajevo, Bosnia-Herzegovina

fYear

2012

fDate

21-25 May 2012

Firstpage

1543

Lastpage

1548

Abstract

In last decade information security standards became well documented starting with ISO 27001:2005 which defines requirements for a organisation´s Information Security Management System (ISMS). Other standards such as ISO 27004:2009, 27003, and 27005 are published later too. Organisational ISMS can be certifies for ISO 27001:2005 certificate and it adopts Plan-Do-Check-Act (PDCA) life cycle of constant system improvements. To be able to improve operations and information security ISO 27004:2009 standard has to be used to create useful Key Performance Indicators (KPI) in order to achieve constant improvements of the ISMS. During phase of maintenance every system needs infrastructure to collect data, analyse data and then to create KPI for constant improvements. In this paper is presented information security measurement infrastructure for KPI visualisation based on practical experience from production system in financial surrounding.

Keywords

ISO standards; data visualisation; security of data; ISMS; ISO 27001:2005 standard; ISO 27004:2009 standard; KPI visualization; PDCA; information security management system; information security measurement infrastructure; information security standards; key performance indicators; plan-do-check-act life cycle; Data mining; Data visualization; ISO standards; Information security; Measurement; Monitoring;

fLanguage

English

Publisher

ieee

Conference_Titel

MIPRO, 2012 Proceedings of the 35th International Convention

Conference_Location

Opatija

Print_ISBN

978-1-4673-2577-6

Type

conf

Filename

6240898