The 14 layered framework for including social and organisational aspects in security management
نویسندگان
چکیده
The ultimate aim of the COINS COntrolled INformation Security – project is to investigate, assess, and provide tools to improve the information security status in organizations with a focus on public agencies. A central question for the project is how information security issues are communicated within the organizations, specifically underlining that communication is control in a cybernetic sense. The project is carried out in a number of steps embracing to design modelling techniques and metrics for information security issues in organizations (1), collect data from Swedish governmental agencies (2), use the modelling techniques to model communication of information security in organizations from different perspectives (3), to apply metrics on the data in order to assess information security levels in the agencies (4), identify gaps (5) and needs for improvement (6). The 14 layered framework, which is based on well established knowledge within information security: frameworks, models, standards, and terminology is presented. The scientific base is cybernetics, including variety engineering and recursion to provide adaptation and learning. The motivation for the research is that communication of information security issues within organizations tend to be insufficient and the mental connections between IT-security and information security work are weak, which prohibits the organization from learning and adapting in its security work. This is a report on research in progress.
منابع مشابه
The Conceptual Framework of Individual and Social Security Provision in Residential Complexes Based on Iranian-Islamic Foundations
Security as one of the basic human needs has a special place in relaxation, comfort and spiritual needs provision. For this reason, security is always of managers, planners, architects and urban designers' interest. Solutions and strategies of security provision have been fundamentally changed following prevailing change of housing architecture patterns from homes to residential complexes and h...
متن کاملExamine the components of organizational agility to design a framework for achieving agility in social security organization
Background and purpose: The purpose of the study was to examine the dimensions and components of organizational agility to design a framework. Materials and methods: The methodology is descriptive. The statistical society was selected from employees in the Social Security organization of Bojnourd (N=148). The samples were 132 staff that return the questionaries. The data collected by a researc...
متن کاملInformation security management: A case study of an information security culture
This thesis argues that in order to establish a sound information security culture it is necessary to look at organisation’s information security systems in a sociotechnical context. The motivation for this research stems from the continuing concern of ineffective information security in organisations, leading to potentially significant monetary losses. It is important to address both technical...
متن کاملStuding the relationship between intrinsic motivation and extrinsic motivation on employee knowledge transfer (case study of Social Security organization in Kerman)
Knowledge transfer was the most important factors of success for organizations in today's complex and changing environment as one of aspects of knowledge management. The aim of this study was to investigate the relationship between intrinsic motivation and extrinsic motivation by transfer the employee’s knowledge in social security organizations in Kerman. The method research is descriptive and...
متن کاملCUSTOMER RELATIONSHIP MANAGEMENT AND ORGANISATIONAL COMPETETIVENESS OF COMMERCIAL BANKS IN CHENNAI
Commercial Banks and Financial Institutions are recognizing that they can no longer look at a customer from a specific product but must encompass the entire customer relationship to fully understand a client‘s profitability. From a strategic standpoint, Customer Relationship Management (CRM) mobilizes resources around customer relationships rather than product groups and fosters activities that...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Inf. Manag. Comput. Security
دوره 19 شماره
صفحات -
تاریخ انتشار 2010