Information security: Process evaluation and product evaluation

被引:0
|
作者
Eloff, MM [1 ]
Von Solms, SH [1 ]
机构
[1] Technikon Witwatersrand, Sch Informat Technol, Johannesburg, South Africa
来源
INFORMATION SECURITY FOR GLOBAL INFORMATION INFRASTRUCTURES | 2000年 / 47卷
关键词
certification; controls; standards; guideline; code of practice; process evaluation; evaluation criteria; product evaluation;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Effective management in any organisation requires a holistic approach in focusing on information security. Senior managers have to know how well their organisations are performing as measured against internationally accepted best practices. Part of the information security management problem is that it is viewed either from a technological perspective focussing on product evaluation only, or from a procedural and management perspective focussing on evaluation of the management processes. This paper aims to provide a consolidated perspective that takes both these aspects into consideration when measuring and evaluating the information security level of an organisation.
引用
收藏
页码:11 / 18
页数:4
相关论文
共 50 条
  • [41] Evaluation of Users' Awareness and Their Reaction on Information Security
    Zeki, Akram M.
    Hamid, Habiba
    [J]. 2015 4TH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTER SCIENCE APPLICATIONS AND TECHNOLOGIES (ACSAT), 2015, : 251 - 255
  • [42] Symposium: "Performance Evaluation of Networks, and Information Security"
    Meletiou, Gerasimos C.
    [J]. INTERNATIONAL ELECTRONIC CONFERENCE ON COMPUTER SCIENCE, 2008, 1060 : 377 - 378
  • [43] THE EFFECTS OF PRODUCT KNOWLEDGE ON THE COMPREHENSION, RETENTION, AND EVALUATION OF PRODUCT INFORMATION
    ALBA, JW
    [J]. ADVANCES IN CONSUMER RESEARCH, 1983, 10 : 577 - 580
  • [44] A Study of Information Security Evaluation and Risk Assessment
    Li, Jingyi
    Chao, Shiwei
    Huo, Minxia
    [J]. 2015 FIFTH INTERNATIONAL CONFERENCE ON INSTRUMENTATION AND MEASUREMENT, COMPUTER, COMMUNICATION AND CONTROL (IMCCC), 2015, : 1909 - 1912
  • [45] Evaluation of the Adoption of an Information Systems Security Policy
    Lopes, Isabel Maria
    Oliveira, Pedro
    [J]. 2015 10TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI), 2015,
  • [46] Advanced Information Security Management Evaluation System
    Jo, Heasuk
    Kim, Seungjoo
    Won, Dongho
    [J]. KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2011, 5 (06): : 1192 - 1213
  • [47] A novel security risk evaluation for information systems
    Gan, Zaobin
    Tang, Jiufei
    Wu, Ping
    Varadharajan, Vijay
    [J]. 2007 JAPAN-CHINA JOINT WORKSHOP ON FRONTIER OF COMPUTER SCIENCE AND TECHNOLOGY, PROCEEDINGS, 2007, : 67 - +
  • [48] Empirical Evaluation of Information Security planning and Integration
    Young, Randall F.
    Windsor, John
    [J]. COMMUNICATIONS OF THE ASSOCIATION FOR INFORMATION SYSTEMS, 2010, 26 : 245 - 266
  • [49] Simulation of the effectiveness evaluation process of security systems
    Godovykh, A. V.
    Stepanov, B. P.
    Sheveleva, A. A.
    Sharafieva, K. R.
    [J]. VIII INTERNATIONAL SCIENTIFIC CONFERENCE - ISSUES OF PHYSICS AND TECHNOLOGY IN SCIENCE, INDUSTRY AND MEDICINE, 2016, 135
  • [50] NOTE ON INFORMATION IN THE LOAN EVALUATION PROCESS
    STANHOUSE, B
    SHERMAN, L
    [J]. JOURNAL OF FINANCE, 1979, 34 (05): : 1263 - 1269
12345