IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach

The authors combined ISO 27005 framework for IT Security Risk Management with NIST Multitier framework. With this combined framework the authors create a new approach to IT Security Risk Management where IT Security Risk Management is place at the strategic, tactical and operational levels of an org...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of e-entrepreneurship and innovation 2013-10, Vol.4 (4), p.1-19
Hauptverfasser: Wahlgren, Gunnar, Kowalski, Stewart
Format: Artikel
Sprache:eng
Schlagworte:
Cloud computing
Computer and Systems Sciences
Computer information security
Cybersecurity
data- och systemvetenskap
Environmental monitoring
incident escalation
Information technology
IT security risk communication
IT security risk management
IT security risk monitoring
maturity models
Risk
Risk management
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The authors combined ISO 27005 framework for IT Security Risk Management with NIST Multitier framework. With this combined framework the authors create a new approach to IT Security Risk Management where IT Security Risk Management is place at the strategic, tactical and operational levels of an organizational. In this paper the authors concentrate on the monitoring and communication steps of IT Security Risk Management and especially escalation of new IT Security Incidents. The authors present a first draft to an IT Security Risk Escalation Capability Maturity Model based on ISACA´s Risk IT Framework. Finally the authors apply the approach to typical cloud computing environment as a first step to evaluate this new approach.
ISSN:1947-8585
1947-8593
DOI:10.4018/ijeei.2013100101