Information Security Maturity Level: A Fast Assessment Methodology

Cited by: 3
Authors
Monteiro, Sergio [1]
Magalhaes, Joao Paulo [2]
Affiliations
[1] Politecn Porto, ESTG, CIICESI, Porto, Portugal
[2] Politecn Porto, ESTG, CIICESI, GCC, Porto, Portugal
DOI
10.1007/978-3-319-61118-1_33
Chinese Library Classification
TP18 [Artificial Intelligence Theory]
Discipline classification codes
081104; 0812; 0835; 1405
Abstract
In this paper, we propose an entry-level methodology for the determination of an Information Security Maturity Level. The methodology is based on the analysis of three axes and three functional areas (people, processes and technology) and aims to be a first approach, with the simplicity of language and focus on the recipient, for the quantitative measurement of potential security risks. The methodology has been applied in a real context and the results reveal its usefulness. The maturity level is simple to understand, facilitating the spread of a security awareness culture, while allowing organisations to plan the necessary activities to mitigate the security threats.
Pages: 269-277
Page count: 9