Managing security related information technology services

Managing security related information technology services

A method, apparatus, and system for managing information technology services. A current security assurance level for an information technology service related to security in an organization is determined based on assessment information about security factors for the information technology service an...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Sanow, Taras Michael, Mojtahedzadeh, Mohammad, Lorimer, Shawn W, Burch, Alissa Lee, Woods, Paul Kevin, La, Kim Truong, Irace, Melissa, Heimlich, Steven A
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method, apparatus, and system for managing information technology services. A current security assurance level for an information technology service related to security in an organization is determined based on assessment information about security factors for the information technology service and performance information about a group of current security controls for the information technology service. A target security assurance level for the information technology service is determined based on a criticality of the information technology service. A graphical representation of a difference between the current security assurance level and the target security assurance level on a display system is displayed. When the difference is greater than a threshold, a graphical indication of additional security controls is displayed that, if implemented for the information technology service, results in the difference between the current and target security assurance level being within a desired security assurance level for protecting the information technology service.