Information Security Management: An Approach to Combine Process Certification And Product Evaluation

Information Security Management: An Approach to Combine Process Certification And Product Evaluation

Information Security (IS) is the key to the effective management of any organisation in today’s commercial and industrial sectors. Line managers’ performance, for instance, is rated according to the extent to which their operations conform to the IS policies of their respective organizations. In the...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & security 2000-01, Vol.19 (8), p.698-709
Hauptverfasser: Eloff, M.M, von Solms, S.H
Format: Artikel
Sprache:eng
Schlagworte:
Accreditation
Benchmarking
Certification
Code of practice
Controls
Cybersecurity
Data integrity
Evaluation criteria
Guideline
Product evaluation
security
Security management
Self-assessment
Studies
Systems evaluation and process certification
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Information Security (IS) is the key to the effective management of any organisation in today’s commercial and industrial sectors. Line managers’ performance, for instance, is rated according to the extent to which their operations conform to the IS policies of their respective organizations. In the same way, senior management’s performance is judged by how well the organization performs in terms of internationally accepted codes of IS practice. IS management, however, is not always a quantifiable entity and its evaluation is complicated by the fact that it can be viewed either from an electronic perspective, in which case the focus will fall solely on product and/or systems evaluation, or from a procedural and management perspective, in which case the focus will, instead, fall on the certification of the IS management process. This article will, therefore, be devoted to providing a consolidated approach to the evaluation of IS management, in terms of which full cognisance will be taken of both these perspectives.
ISSN:0167-4048
1872-6208
DOI:10.1016/S0167-4048(00)08019-6