INFORMATION RISK MANAGEMENT AND RESILIENCE

被引：0

作者：

Dynes, Scott

机构：

来源：

CRITICAL INFRASTRUCTURE PROTECTION III | 2009年 / 311卷

关键词：

Information risk management; resilience; field studies; SECURITY;

D O I：

暂无

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Are the levels of information risk management efforts within and between firms correlated with the resilience of the firms to information disruptions? This paper examines the question by considering the results of field studies of information risk management practices at organizations and in supply chains. The organizations investigated differ greatly in the degree of coupling from a general and information risk management standpoint, as well as in the levels of internal awareness and activity regarding information risk management. The comparison of the levels of information risk management in the firms and their actual or inferred resilience indicates that a formal information risk management approach is not necessary for resilience in certain sectors.

引用

页码：3 / 17

页数：15

共 11 条

[1] Alberts C.J., 2003, MANAGING INFORM SECU
[2] Information security and risk management
Bodin, Lawrence D.
Gordon, Lawrence A.
Loeb, Martin P.
[J]. COMMUNICATIONS OF THE ACM, 2008, 51 (04) : 64 - 68
[3] Dynes S., 2006, INFORM SECURITY HLTH
[4] Dynes S, 2008, INT FED INFO PROC, V290, P3
[5] Dynes Scott, 2006, INFORM SECURITY INVE
[6] Geer D., 1998, The Risks Digest, V20
[7] Embedding information security into the organization
Johnson, M. Eric
Goetz, Eric
[J]. IEEE SECURITY & PRIVACY, 2007, 5 (03) : 16 - 24
[8] Narayan Kirin., 2001, Handbook of Interview Research: Context Method, P815
[9] Stoneburner G., 2002, RISK MANAGEMENT GUID
[10] WATTERS C, 2006, 2 ANN I3P PROC CONTR

← 1 2 →