Information security management and modelling
Research output: Journal Publications and Reviews (RGC: 21, 22, 62) › 22_Publication in policy or professional journal
Related Research Unit(s)
|Journal / Publication||Information Management and Computer Security|
|Publication status||Published - 1999|
|Link to Scopus||https://www.scopus.com/record/display.uri?eid=2-s2.0-0011508763&origin=recordpage|
Information security management has been placed on a firmer footing with the publication of standards by national bodies. These standards provide an opportunity for security managers to gain senior management recognition of the importance of procedures and mechanisms to enhance information security. They may also place demands on security managers to provide convincing demonstration of conformance to the standards. The risk data repository (RDR) computer model described in this paper was developed to manage organisational information security data and facilitate risk analysis studies. The RDR provides a form of computer documentation that can assist the security officer to maintain a continuous record of the organisational information security scenario and facilitate system security development, business continuity planning and standards conformance audits.
- Computer security, Data security, Information systems, Modelling, Risk management, Standards