A Model for Information Security Management
Abstract
Information Security Management consists of various facets, for example Information Security Policy, Risk Analysis, Risk Management, Contingency Planning and Disaster Recovery which are all interrelated in some way. These interrelationships often cause uncertainty and confusion among top management. Proposes a model for Information Security Management, called an Information Security Management Model (ISM⊃2) and puts all the various facts in context. The model consists of five different levels defined on a security axis. ISM⊃2 introduces the idea of international security criteria or international security standards (baselines). The rationale behind these baselines is to enable information security evaluation according to internationally‐accepted criteria.
Keywords
Citation
von Solms, R., von Solms, S.H. and Caelli, W.J. (1993), "A Model for Information Security Management", Information Management & Computer Security, Vol. 1 No. 3, pp. 12-17. https://doi.org/10.1108/09685229310041893
Publisher
:MCB UP Ltd
Copyright © 1993, MCB UP Limited