A meta-process for information security risk management Online publication date: Thu, 27-Nov-2008
by Katerina Papadaki, Despina Polemi
International Journal of Electronic Security and Digital Forensics (IJESDF), Vol. 1, No. 4, 2008
Abstract: Information security risk management (ISRM) is a major concern of organisations worldwide. Although the number of existing ISRM methodologies is enormous, in practice several resources are invested by organisations in creating new ISRM methodologies in order to capture more accurately the risks of their complex information systems. This is a crucial knowledge-intensive process for organisations, but in most cases it is addressed in an ad hoc manner. The existence of a systematic approach for the development of new or improved ISRM methodologies would enhance the effectiveness of the process. In this paper, we propose a systematic meta-process for developing new, or improved ISRM methods. We also present the specifications for a collaboration and knowledge-sharing platform supporting a virtual intra-organisational cross-disciplinary team, which aims at improving its ISRM methodologies by adopting the proposed meta-process.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Electronic Security and Digital Forensics (IJESDF):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com