Abstract
For organizations, security of information is eminent as threats of information security incidents that could impact the information continue to increase. Alarming facts within the literature support the current lack of adequate information security practices and prompt for identifying additional methods to help organizations in protecting their sensitive and critical information. Research efforts shows inadequacies within traditional ISC assessment methodologies that do not promote an effective assessment, prioritization, and, therefore, implementation of ISC in organizations. This research-in-progress relates to the development of a tool that can accurately prioritize ISC in organizations. The tool uses fuzzy set theory to allow for a more accurate assessment of imprecise parameters than traditional methodologies. We argue that evaluating information security controls using fuzzy set theory leads to a more detailed and precise assessment and, therefore, supports an effective selection of information security controls in organizations.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
