Improvement of Information System Security Risk Management

被引：0

作者：

Abbass, Wissam ^{[1
]}

Baina, Amine ^{[1
]}

Bellafkih, Mostafa ^{[1
]}

机构：

[1] Natl Inst Posts & Telecommun INPT, STRS Lab, RAI2S Team, Rabat, Morocco

来源：

2016 4TH IEEE INTERNATIONAL COLLOQUIUM ON INFORMATION SCIENCE AND TECHNOLOGY (CIST) | 2016年

关键词：

Information system security risk management; Information system security risk management alignement; Security modeling; Entreprise Architecture Management; IT risk management;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The Information System Security Risk management (ISSRM) in organizations is ultimate for business success. ISSRM protects information availability, integrity, and privacy. However, this latter remains a difficult area to establish and maintain, especially in the environment of today's organizations where operations are conducted in a complex and interconnected context. The aim of this paper is to highlight the contribution of Enterprise Architecture Management (EAM) in order to improve ISSRM. When organization business services and strategic planning are aligned with proactive ISSRM activities, a well-defined strategy to reach business value is achieved. For this purpose, we will first explore risk management methods and security modeling languages to understand why EAM would be benefic. The contribution of this paper is an ISSRM model described by the constructs of ArchiMate, a well-known EAM modeling language.

引用

页码：182 / 187

页数：6

共 50 条

[31] Information Security Risk Management in a World of Services
Lalanne, Vincent
Munier, Manuel
Gabillon, Alban
[J]. 2013 ASE/IEEE INTERNATIONAL CONFERENCE ON SOCIAL COMPUTING (SOCIALCOM), 2013, : 586 - 593
[32] Organizational Management Role In Information Security Management System
Qusef, Abdallah
Arafat, Mais
Al-Taher, Samar
[J]. ICFNDS'18: PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON FUTURE NETWORKS AND DISTRIBUTED SYSTEMS, 2018,
[33] Improvement of the Mechanism of Provision of Food Security of Russia Within Management of Risk System of Entrepreneurship
Fufacheva, Lyudmila A.
Lepeshkin, Sergey M.
Fokina, Olga V.
Sozinova, Anastasia A.
Shchinova, Raisa A.
[J]. OVERCOMING UNCERTAINTY OF INSTITUTIONAL ENVIRONMENT AS A TOOL OF GLOBAL CRISIS MANAGEMENT, 2017, : 9 - 14
[34] Electronic Archival Information System Security Management System
Weng, Dong-dong
Wang, Xiao-fang
[J]. INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND MANAGEMENT ENGINEERING (ITME 2014), 2014, : 210 - 213
[35] INFORMATION SECURITY MANAGEMENT SYSTEM AND CYBER SECURITY IN THE CZECH REPUBLIC
Drastich, Martin
[J]. ZNALOSTI PRO TRZNI PRAXI 2015: ZENY - PODNIKATELKY V MINULOSTI A SOUCASNOSTI, 2015, : 85 - 90
[36] The Design of Information Security Risk Management: A Case Study Human Resources Information System at XYZ University
Anang, Agus
Gandhi, Arfive
Sucahyo, Yudho Giri
[J]. 2021 4TH INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATICS ENGINEERING (IC2IE 2021), 2021, : 198 - 203
[37] Cybersecurity Risk Management Scenarios for Teaching Information Security Management
Allison, Jordan
[J]. JOURNAL OF APPLIED SECURITY RESEARCH, 2024,
[38] Continuous improvement of information security management: an organisational learning perspective
Ghahramani, Fereshteh
Yazdanmehr, Adel
Chen, Daniel
Wang, Jingguo
[J]. EUROPEAN JOURNAL OF INFORMATION SYSTEMS, 2023, 32 (06) : 1011 - 1032
[39] The Design of Information Security Management System in College
Li, Xinli
[J]. INTERNATIONAL CONFERENCE ON EDUCATION & EDUCATIONAL RESEARCH AND ENVIRONMENTAL STUDIES (EERES 2016), 2016, : 49 - 52
[40] The Measurement Design of Information Security Management System
Nancylia, Merry
Mudjtabar, Eddy K.
Sutikno, Sarwono
Rosmansyah, Yusep
[J]. 2014 8TH INTERNATIONAL CONFERENCE ON TELECOMMUNICATION SYSTEMS SERVICES AND APPLICATIONS (TSSA), 2014,

← 1 2 3 4 5 →