Abstract
Measurements are tools designed to facilitate decision making and improve performance and accountability through collecting, analyzing, and reporting related data. ISO/IEC 27002 provides us with information security controls that will be used for getting security measures. This paper presents some operational measures based on departments in relation to information security, in order to facilitate the decision making and to improve information security management in different departments and across the organization. In addition, process of measuring information security management effectiveness is proposed.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have