A Framework for Information Security Governance and Management

Cited by: 19
Authors
Carcary, Marian [1]
Renaud, Karen [2]
McLaughlin, Stephen [3, 4]
O'Brien, Conor [1]
Affiliations
[1] Maynooth Univ, Innovat Value Inst, Maynooth, Kildare, Ireland
[2] Univ Glasgow, Glasgow G12 8QQ, Lanark, Scotland
[3] Maynooth Univ, R&D, Innovat Value Inst, Maynooth, Kildare, Ireland
[4] Maynooth Univ, IT Competence Ctr, Maynooth, Kildare, Ireland
Keywords
capability maturity; information security governance; information security management; IT-CMF
DOI
10.1109/MITP.2016.27
Chinese Library Classification number
TP [Automation Technology, Computer Technology]
Discipline classification code
0812
Abstract
The capability maturity framework presented helps organizations assess their maturity state and identify problem areas. It addresses the technical, process, and human aspects of information security and provides guidelines for implementing information security governance and management processes.
Pages: 22-30
Number of pages: 9