Abstract

Information Security Management consists of various facets, for example Information Security Policy, Risk Analysis, Risk Management, Contingency Planning and Disaster Recovery which are all interrelated in some way. These interrelationships often cause uncertainty and confusion among top management. Proposes a model for Information Security Management, called an Information Security Management Model (ISM⊃2) and puts all the various facts in context. The model consists of five different levels defined on a security axis. ISM⊃2 introduces the idea of international security criteria or international security standards (baselines). The rationale behind these baselines is to enable information security evaluation according to internationally‐accepted criteria.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A framework for information security evaluation
R Von Solms ... H Van Der Haar
Information & Management | VOL. 26
R Von Solms, et. al.R Von Solms ... H Van Der Haar
01 Mar 1994
Information Security Risk Analysis Methods for Healthcare Systems
Amarendar Rao Thangeda ... Alfred Coleman
International Journal of Engineering and Advanced Technology | VOL. 10
Amarendar Rao Thangeda, et. al.Amarendar Rao Thangeda ... Alfred Coleman
30 Oct 2020
A code of practice for effective information security risk management using COBIT 5
Walid Al-Ahmad ... Basil Mohammed
-
Walid Al-Ahmad, et. al.Walid Al-Ahmad ... Basil Mohammed
01 Nov 2015
Development of a mechanism for information security risk management of transport service provision systems
Olexandr Melnychenko ... Vitalii Tsybulskyi
Eastern-European Journal of Enterprise Technologies | VOL. 1
Olexandr Melnychenko, et. al.Olexandr Melnychenko ... Vitalii Tsybulskyi
28 Feb 2024
View more papers

More From: Information Management & Computer Security

Paper Title
Journal
Date
Author
Repairing trust in an e-commerce and security context: an agent-based modeling approach
Jae Choi ... Derek L. Nazareth
Information Management & Computer Security | VOL. 22
Jae Choi, et. al.Jae Choi ... Derek L. Nazareth
10 Nov 2014
Current challenges in information security risk management
Stefan Fenz ... Fabian Pechstein
Information Management & Computer Security | VOL. 22
Stefan Fenz, et. al.Stefan Fenz ... Fabian Pechstein
10 Nov 2014
Security culture and the employment relationship as drivers of employees’ security compliance
John D'Arcy ... Gwen Greene
Information Management & Computer Security | VOL. 22
John D'Arcy, et. al.John D'Arcy ... Gwen Greene
10 Nov 2014
Using response action with intelligent intrusion detection and prevention system against web application malware
Ammar Alazab ... Mamoun Alazab
Information Management & Computer Security | VOL. 22
Ammar Alazab, et. al.Ammar Alazab ... Mamoun Alazab
10 Nov 2014
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.