Skip to Main Content
The purpose of this paper is to study the comprehensive evaluation method for Information Security Management Measurement (ISMM). An organization's information security management performance would be assessed from three dimensions: implementation, effectiveness and input. Each dimensional evaluation value and final result can be calculated by gray relation analysis. A cube model for ISMM is then presented and it is capable of providing valuable results for managers since it is based on managing, technical and economic considerations. Under the circumstance that ISMM is mainly concerned about indicators of microcosmic level and frameworks of macro level, the advance of comprehensive evaluation based on gray relation analysis benefits building a more integrated ISMM system.
Information Science and Management Engineering (ISME), 2010 International Conference of (Volume:1 )
Date of Conference: 7-8 Aug. 2010