A study on the optimal model for information security management level

The security threat the individual organization and businesses are facing is mixture of malevolent techniques both in the physical and cyber space, and the targets are expanding in the wide areas, and also the range and level of damage is increasing rapidly and broadly. The preferable way to cope with these threats is to promote positive and continuous activities with consistency, such as policy development, classification of assets, recognition of threatening, countermeasures against the intrusion accident, so that the security level which the organization sets the goal at may accomplished. However, it is difficult to cope with all the threatening situations in reality positively, and there are limitations, such as the shortage of budget and physical infrastructures. In this study, therefore, the optimal model for Information Security Management is suggested, so that the organizations planning to achieve the optimal level of security management may refer to it, and the individual organizations and businesses may back up the support of the decision making about the confronting information protecting strategies and build up and evaluate the continuous and systematic security architecture.