By Topic

A Security Management Assurance Model to Holistically Assess the Information Security Posture

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Tashi, I. ; Fac. of Bus. & Econ., Univ. of Lausanne, Lausanne ; Ghernaouti-Helie, S.

Managing information security within an organization is becoming a very complex task. The information security posture assessment is performed by using frameworks, methodologies or standards considering the subject separately. The model proposed within the paper aims to holistically consider all the security dimension. This is because the security level is as strong as the weakest link is. In order to minimize the likelihood that a given threat takes advantage of the weakest link a formalized structure taking into account all security elements is needed. The proposed model is based on and integrates some security best practices and standards in order to define an assured Information Security Categorization. From this point, an assessment process should be performed, giving the evidence that the information security within a given organization, is thoroughly managed.

Published in:

Availability, Reliability and Security, 2009. ARES '09. International Conference on

Date of Conference:

16-19 March 2009