A Model for Information Security Management

A Model for Information Security Management

Information Security Management consists of various facets, for example Information Security Policy, Risk Analysis, Risk Management, Contingency Planning and Disaster Recovery which are all interrelated in some way. These interrelationships often cause uncertainty and confusion among top management....

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Information management & computer security 1993-03, Vol.1 (3), p.12-17
Hauptverfasser: von Solms, R, von Solms, S.H, Caelli, W.J
Format: Artikel
Sprache:eng
Schlagworte:
Computer security
Data security
Environment
Information management
Management
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Information Security Management consists of various facets, for example Information Security Policy, Risk Analysis, Risk Management, Contingency Planning and Disaster Recovery which are all interrelated in some way. These interrelationships often cause uncertainty and confusion among top management. Proposes a model for Information Security Management, called an Information Security Management Model (ISM⊃2) and puts all the various facts in context. The model consists of five different levels defined on a security axis. ISM⊃2 introduces the idea of international security criteria or international security standards (baselines). The rationale behind these baselines is to enable information security evaluation according to internationally-accepted criteria.
ISSN:0968-5227
1758-5805
DOI:10.1108/09685229310041893