Abstract
Todays, establishing of information security in organizations is inevitable. Implementation of information security in organizations is carried out through the implementation of information security control objectives and controls. Since there are 39 control objectives and 133 controls so implementation of all objectives / controls in terms of scheduling and budget would be difficult and costly for managers and ISMS executives. Organization managers are trying to choice high risk and critical controls among all controls for implementation or improvement. On the other hand previous quantitative methods for ranking areas / objectives / controls, in addition to the mathematical complexity have divergence problem. As well as organization managers and individuals concerned with ISMS have little information about the objectives and controls. Therefore in this paper Fuzzy Screening technique is used for selection of critical controls. In the present study, fuzzy screening process is discussed for selecting and prioritizing of security control objectives.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: International Journal in Foundations of Computer Science & Technology
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.