Information security: Process evaluation and product evaluation

被引:0
|
作者
Eloff, MM [1 ]
Von Solms, SH [1 ]
机构
[1] Technikon Witwatersrand, Sch Informat Technol, Johannesburg, South Africa
来源
INFORMATION SECURITY FOR GLOBAL INFORMATION INFRASTRUCTURES | 2000年 / 47卷
关键词
certification; controls; standards; guideline; code of practice; process evaluation; evaluation criteria; product evaluation;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Effective management in any organisation requires a holistic approach in focusing on information security. Senior managers have to know how well their organisations are performing as measured against internationally accepted best practices. Part of the information security management problem is that it is viewed either from a technological perspective focussing on product evaluation only, or from a procedural and management perspective focussing on evaluation of the management processes. This paper aims to provide a consolidated perspective that takes both these aspects into consideration when measuring and evaluating the information security level of an organisation.
引用
收藏
页码:11 / 18
页数:4
相关论文
共 50 条
  • [1] Information security management: An approach to combine process certification and product evaluation
    Eloff, MM
    von Solms, SH
    [J]. COMPUTERS & SECURITY, 2000, 19 (08) : 698 - 709
  • [2] Risk Evaluation Process Model of Information Security
    Liu Jing
    [J]. 2009 INTERNATIONAL CONFERENCE ON MEASURING TECHNOLOGY AND MECHATRONICS AUTOMATION, VOL II, 2009, : 321 - 324
  • [3] Evaluation of the national information security policy by analytic hierarchy process
    Andrade dos Santos, Clarice Saraiva
    Gaviao, Luiz Octavio
    dos Santos Oliveira, Leonardo Augusto
    Pereira, Jose Cristiano
    [J]. PERSPECTIVAS EM CIENCIA DA INFORMACAO, 2022, 27 (04): : 108 - 145
  • [4] Process Capability Evaluation of Product Development Based on Information Entropy
    Wang, Lixiang
    Dai, Wei
    Huang, Yubing
    [J]. 2018 5TH INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND THEIR APPLICATIONS (DSA), 2018, : 91 - 95
  • [5] Evaluation Process Management Software for Security Evaluation
    Razzazi, Mohammadreza
    Tahouri, Ali
    Fayazbakhsh, Kaveh
    [J]. 2008 3RD INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGIES: FROM THEORY TO APPLICATIONS, VOLS 1-5, 2008, : 1628 - 1631
  • [6] A FRAMEWORK FOR INFORMATION SECURITY EVALUATION
    VONSOLMS, R
    VANDEHAAR, H
    VONSOLMS, SH
    CAELLI, WJ
    [J]. INFORMATION & MANAGEMENT, 1994, 26 (03) : 143 - 153
  • [7] Security evaluation for information assurance
    Kim, Yong-Tae
    Park, Gil-Cheol
    Kim, Tai-Hoon
    Lee, Sang-Ho
    [J]. ICCSA 2007: PROCEEDINGS OF THE FIFTH INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND APPLICATIONS, 2007, : 227 - +
  • [8] Development of Information System for Product Redesign: Evaluation of Assembly Process and Characteristics of Product Functions
    Arakawa, Masahiro
    [J]. INDUSTRIAL ENGINEERING AND MANAGEMENT SYSTEMS, 2010, 9 (03): : 215 - 226
  • [9] Study on security risk evaluation model, process and tools of information system
    Zheng, Pei
    Lai, KinKeung
    Zhang, Yirong
    [J]. PROCEEDINGS OF THE 2008 INTERNATIONAL CONFERENCE ON E-RISK MANAGEMENT (ICERM 2008), 2008, : 47 - +
  • [10] Evaluation Model for Computer Network Information Security Based on Analytic Hierarchy Process
    Xi Zhen-yuan
    Chen He
    Wang Xiang-zhong
    Sheng Jian-ling
    Fan Yu-tao
    [J]. 2009 THIRD INTERNATIONAL SYMPOSIUM ON INTELLIGENT INFORMATION TECHNOLOGY APPLICATION, VOL 3, PROCEEDINGS, 2009, : 186 - 189
12345