Assessment for Enterprise Security Decision Making

نویسندگان

  • Aad van Moorsel
  • R. Coles
  • J. Griffin
  • C. Ioannidis
  • B. Monahan
  • D. Pym
  • A. Sasse
چکیده

Assessment is an integral part of a chief information security officer’s (CISO) daily work. Continuously, the CISO must make security policy decisions, either introducing new policies or technologies in the organisation, or modifying existing policies. Assessment in this environment must inherently go beyond assessment of the policy’s security properties alone. It must include considerations about the impact of the security policy on employee productivity, the cost associated with it and the impact on business processes. Assessment therefore is less about precision than it is about comprehensiveness.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Assessment of Enterprise Information Security - An Architecture Theory Diagram Definition -

In order to manage and improve something, it is normally necessary to be able to assess the current state of affairs. A problem with assessment, however, is that in order to assess, it is normally necessary to be able to define the assessment topic. These general statements are also true within the area of Enterprise Information Security. Although much has been written on the topic, there is li...

متن کامل

Application of Three Parameter Interval Grey Numbers in Enterprise Resource Planning Selection

This paper applies a new multi attribute decision-making (MADM) model to help companies for enterprise resource planning (ERP) selection problem based on Balanced Score Card method. This paper uses three-parameter interval grey numbers which is derived from Grey theory (was proposed by J. Deng). This numbers is used instead of linguistic variables. Beside, a new weighting method that outcomes f...

متن کامل

Application of Three Parameter Interval Grey Numbers in Enterprise Resource Planning Selection

This paper applies a new multi attribute decision-making (MADM) model to help companies for enterprise resource planning (ERP) selection problem based on Balanced Score Card method. This paper uses three-parameter interval grey numbers which is derived from Grey theory (was proposed by J. Deng). This numbers is used instead of linguistic variables. Beside, a new weighting method that outcomes f...

متن کامل

New Realities of the Enterprise Management System Information Support: Economic and Mathematical Models and Cloud Technologies

The paper focuses on the urgency of the implementation of cloud technologies, which are a necessary condition for the development of enterprise management systems, give rise to a complex of insufficiently studied phenomena and processes and determine the need to find new tools in making and implementing reasonable management decisions. In the process of research, the sequence of construction an...

متن کامل

Attack tree based information security risk assessment method integrating enterprise objectives with vulnerabilities

In order to perform the analysis and mitigation efforts related with the information security risks there exists quantitative and qualitative approaches, but the most critical shortcoming of these methods is the fact that the outcome mainly addresses the needs and priorities of the technical community rather than the management. For the enterprise management, this information is essentially req...

متن کامل

A Fuzzy Decision Making Approach to Enterprise Resource Planning System Selection

Here, we propose a fuzzy analytic hierarchy process (FAHP) method to evaluate the alternatives of enterprise resource planning (ERP) system. The fuzzy AHP approach allows the users get values more accurately to model the vagueness which changes according subjective ideas in the decision-making environment for ERP system selection problem. Therefore, fuzzy AHP method is used to obtain firm decis...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2010