| | SLO | ENG | Piškotki in zasebnost

Večja pisava | Manjša pisava

Izpis gradiva

Naslov:Measuring information security performance with 10 by 10 model for holistic state evaluation
Avtorji:Bernik, Igor (Avtor)
Prislan, Kaja (Avtor)
Datoteke:.pdf PLOS_ONE_2016_Bernik,_Prislan_Measuring_Information_Security_Performance_with_10_by_10_Model_for_Holistic_State_Evaluation.PDF (2,92 MB)
 
URL http://dx.plos.org/10.1371/journal.pone.0163050
 
Jezik:Angleški jezik
Vrsta gradiva:Znanstveno delo (r2)
Tipologija:1.01 - Izvirni znanstveni članek
Organizacija:FVV - Fakulteta za varnostne vede
Opis:Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model—ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it’s recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.
Ključne besede:information security, organizations, efficiency, measuring, security management
Leto izida:2016
Št. strani:str. 1-33
Številčenje:št. 9, Letn. 11
ISSN:1932-6203
UDK:004.056
COBISS_ID:3174634 Povezava se odpre v novem oknu
DOI:10.1371/journal.pone.0163050 Povezava se odpre v novem oknu
ISSN pri članku:1932-6203
NUK URN:URN:SI:UM:DK:PFSRX2PX
Licenca:CC BY 4.0
To delo je dosegljivo pod licenco Creative Commons Priznanje avtorstva 4.0 Mednarodna
Število ogledov:310
Število prenosov:174
Metapodatki:XML RDF-CHPDL DC-XML DC-RDF
Področja:Ostalo
:
  
Skupna ocena:(0 glasov)
Vaša ocena:Ocenjevanje je dovoljeno samo prijavljenim uporabnikom.
Objavi na:AddThis
AddThis uporablja piškotke, za katere potrebujemo vaše privoljenje.
Uredi privoljenje...

Postavite miškin kazalec na naslov za izpis povzetka. Klik na naslov izpiše podrobnosti ali sproži prenos.

Gradivo je del revije

Naslov:PloS ONE
Založnik:Public Library of Science
ISSN:1932-6203
COBISS.SI-ID:2005896 Novo okno

Sekundarni jezik

Jezik:Slovenski jezik
Ključne besede:informacijska varnost, organizacije, učinkovitost, merjenje, varnostni menedžment


Komentarji

Dodaj komentar

Za komentiranje se morate prijaviti.

Komentarji (0)
0 - 0 / 0
 
Ni komentarjev!

Nazaj
Logotipi partnerjev Univerza v Mariboru Univerza v Ljubljani Univerza na Primorskem Univerza v Novi Gorici