Proceedings of the first ACM workshop on Information security governance, 2009, p.59-64
2009
Details
- Autor(en) / Beteiligte
- Titel
- Security risk management using internal controls
- Ist Teil von
- Proceedings of the first ACM workshop on Information security governance, 2009, p.59-64
- Ort / Verlag
- New York, NY, USA: ACM
- Erscheinungsjahr
- 2009
- Link zum Volltext
- Quelle
- ACM Digital Library
- Beschreibungen/Notizen
- Rather than treating security as an independent technical concern, it should be considered as just another risk that needs to be managed alongside all other business risks. An Internal Controls approach to security risk management is proposed whereby automated catalogues are built in order to provide information about security controls used to mitigate risk in business processes. Real-time evaluation and measurement of control efficacy in this model become essential to the management of risk using these catalogues and a risk-profile based approach to measuring security risk is described.
- Sprache
- Englisch
- Identifikatoren
- ISBN: 9781605587875, 1605587877DOI: 10.1145/1655168.1655179Titel-ID: cdi_acm_books_10_1145_1655168_1655179
- Format
- –
- Schlagworte
- Security and privacy -- Cryptography -- Cryptanalysis and other attacks, Security and privacy -- Intrusion/anomaly detection and malware mitigation, Security and privacy -- Security in hardware, Security and privacy -- Security services -- Authentication, Social and professional topics -- Computing -- technology policy -- Computer crime