Information security management and modelling

Lam-For Kwok; Dennis Longley

doi:10.1108/09685229910255179

Information security management and modelling

Lam-For Kwok, Dennis Longley

Department of Computer Science

Research output: Journal Publications and Reviews › RGC 22 - Publication in policy or professional journal

33 Citations (Scopus)

Abstract

Information security management has been placed on a firmer footing with the publication of standards by national bodies. These standards provide an opportunity for security managers to gain senior management recognition of the importance of procedures and mechanisms to enhance information security. They may also place demands on security managers to provide convincing demonstration of conformance to the standards. The risk data repository (RDR) computer model described in this paper was developed to manage organisational information security data and facilitate risk analysis studies. The RDR provides a form of computer documentation that can assist the security officer to maintain a continuous record of the organisational information security scenario and facilitate system security development, business continuity planning and standards conformance audits.

Original language	English
Pages (from-to)	30-39
Journal	Information Management and Computer Security
Volume	7
Issue number	1
DOIs	https://doi.org/10.1108/09685229910255179
Publication status	Published - 1999

Research Keywords

Computer security
Data security
Information systems
Modelling
Risk management
Standards

Access Output

10.1108/09685229910255179

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@article{9e82faa03d024cb48e1cd98b20db4f5a,

title = "Information security management and modelling",

abstract = "Information security management has been placed on a firmer footing with the publication of standards by national bodies. These standards provide an opportunity for security managers to gain senior management recognition of the importance of procedures and mechanisms to enhance information security. They may also place demands on security managers to provide convincing demonstration of conformance to the standards. The risk data repository (RDR) computer model described in this paper was developed to manage organisational information security data and facilitate risk analysis studies. The RDR provides a form of computer documentation that can assist the security officer to maintain a continuous record of the organisational information security scenario and facilitate system security development, business continuity planning and standards conformance audits.",

keywords = "Computer security, Data security, Information systems, Modelling, Risk management, Standards",

author = "Lam-For Kwok and Dennis Longley",

year = "1999",

doi = "10.1108/09685229910255179",

language = "English",

volume = "7",

pages = "30--39",

journal = "Information Management and Computer Security",

issn = "0968-5227",

publisher = "Emerald Publishing Limited",

number = "1",

}

TY - JOUR

T1 - Information security management and modelling

AU - Kwok, Lam-For

AU - Longley, Dennis

PY - 1999

Y1 - 1999

N2 - Information security management has been placed on a firmer footing with the publication of standards by national bodies. These standards provide an opportunity for security managers to gain senior management recognition of the importance of procedures and mechanisms to enhance information security. They may also place demands on security managers to provide convincing demonstration of conformance to the standards. The risk data repository (RDR) computer model described in this paper was developed to manage organisational information security data and facilitate risk analysis studies. The RDR provides a form of computer documentation that can assist the security officer to maintain a continuous record of the organisational information security scenario and facilitate system security development, business continuity planning and standards conformance audits.

AB - Information security management has been placed on a firmer footing with the publication of standards by national bodies. These standards provide an opportunity for security managers to gain senior management recognition of the importance of procedures and mechanisms to enhance information security. They may also place demands on security managers to provide convincing demonstration of conformance to the standards. The risk data repository (RDR) computer model described in this paper was developed to manage organisational information security data and facilitate risk analysis studies. The RDR provides a form of computer documentation that can assist the security officer to maintain a continuous record of the organisational information security scenario and facilitate system security development, business continuity planning and standards conformance audits.

KW - Computer security

KW - Data security

KW - Information systems

KW - Modelling

KW - Risk management

KW - Standards

UR - http://www.scopus.com/inward/record.url?scp=0011508763&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-0011508763&origin=recordpage

U2 - 10.1108/09685229910255179

DO - 10.1108/09685229910255179

M3 - RGC 22 - Publication in policy or professional journal

SN - 0968-5227

VL - 7

SP - 30

EP - 39

JO - Information Management and Computer Security

JF - Information Management and Computer Security

IS - 1

ER -

Information security management and modelling

Abstract

Research Keywords

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this