An ISMS (Im)-Maturity Capability Model

Cited by: 6
Author
Woodhouse, Steven [1]
Affiliation
[1] Charles Sturt Univ, Bathurst, NSW 2795, Australia
Source
8TH IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY WORKSHOPS: CIT WORKSHOPS 2008, PROCEEDINGS | 2008
DOI
10.1109/CIT.2008.Workshops.46
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Subject classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Capability maturity models have been used to assess and guide process improvement initiatives for everything from software development to systems engineering, product acquisition, team management and information security, to name a few. These models are based on process improvement and provide a framework to guide and measure the implementation and improvement of processes. In all of these models, the higher the level an organisation is assessed, the better (in theory) the organisation is at defining, assessing and improving their process capability. This paper proposes a unique process maturity model for assessing the capability and maturity of processes that affect Information Security Management System (ISMS) within an organisation. The model describes nine levels of process maturity, four of which are below the existing five levels defined in most popular models.
Pages: 242-247
Page count: 6