Towards value-based information security management monitoring
Autor(a) principal: | |
---|---|
Data de Publicação: | 2013 |
Outros Autores: | , , |
Tipo de documento: | Artigo de conferência |
Idioma: | eng |
Título da fonte: | Repositório Institucional da Universidade Federal do Ceará (UFC) |
Texto Completo: | http://www.repositorio.ufc.br/handle/riufc/69533 |
Resumo: | The main objective of Information Security Management (ISM) is to align IT security with business security in all service and service management activities within an integrated strategy with corporate IT governance. To obtain a full IT-business alignment is still a challenge to managers. In continual service improvement (CSI) related activities, such as ISM, this problem is even more apparent. The actual impact upon business, due to lower quality results in ISM, is not apparent to top level executives. This article discusses an integration of ISM with a CSI approach and illustrates its benefits and gains. We proposed a value-based framework to evaluate the ISM process in a quantitative manner, whereby estimating the ISM value and quality indicators which can be used to input ISM and IT services performance in strategic planning tools. We discuss and illustrate the cause effect relation and innovations of this idea to common ISM practices. |
id |
UFC-7_cceef86ff297ebdeb6dff4a942b8d037 |
---|---|
oai_identifier_str |
oai:repositorio.ufc.br:riufc/69533 |
network_acronym_str |
UFC-7 |
network_name_str |
Repositório Institucional da Universidade Federal do Ceará (UFC) |
repository_id_str |
|
spelling |
Towards value-based information security management monitoringInformation security managementFuzzy modelsContinual service improvementThe main objective of Information Security Management (ISM) is to align IT security with business security in all service and service management activities within an integrated strategy with corporate IT governance. To obtain a full IT-business alignment is still a challenge to managers. In continual service improvement (CSI) related activities, such as ISM, this problem is even more apparent. The actual impact upon business, due to lower quality results in ISM, is not apparent to top level executives. This article discusses an integration of ISM with a CSI approach and illustrates its benefits and gains. We proposed a value-based framework to evaluate the ISM process in a quantitative manner, whereby estimating the ISM value and quality indicators which can be used to input ISM and IT services performance in strategic planning tools. We discuss and illustrate the cause effect relation and innovations of this idea to common ISM practices.International Symposium on Integrated Network Management2022-11-25T14:23:23Z2022-11-25T14:23:23Z2013info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObjectapplication/pdfLIMA, A. S. et al. Towards value-based information security management monitoring. In: INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT, 2013, Gante. Anais... Gante, 2013. p. 1260-1267.http://www.repositorio.ufc.br/handle/riufc/69533Lima, Alberto SampaioSouza, José Neuman deCastelo Branco Júnior, EliseuRibas, Maristellaengreponame:Repositório Institucional da Universidade Federal do Ceará (UFC)instname:Universidade Federal do Ceará (UFC)instacron:UFCinfo:eu-repo/semantics/openAccess2022-11-25T14:23:23Zoai:repositorio.ufc.br:riufc/69533Repositório InstitucionalPUBhttp://www.repositorio.ufc.br/ri-oai/requestbu@ufc.br || repositorio@ufc.bropendoar:2024-09-11T19:00:48.401769Repositório Institucional da Universidade Federal do Ceará (UFC) - Universidade Federal do Ceará (UFC)false |
dc.title.none.fl_str_mv |
Towards value-based information security management monitoring |
title |
Towards value-based information security management monitoring |
spellingShingle |
Towards value-based information security management monitoring Lima, Alberto Sampaio Information security management Fuzzy models Continual service improvement |
title_short |
Towards value-based information security management monitoring |
title_full |
Towards value-based information security management monitoring |
title_fullStr |
Towards value-based information security management monitoring |
title_full_unstemmed |
Towards value-based information security management monitoring |
title_sort |
Towards value-based information security management monitoring |
author |
Lima, Alberto Sampaio |
author_facet |
Lima, Alberto Sampaio Souza, José Neuman de Castelo Branco Júnior, Eliseu Ribas, Maristella |
author_role |
author |
author2 |
Souza, José Neuman de Castelo Branco Júnior, Eliseu Ribas, Maristella |
author2_role |
author author author |
dc.contributor.author.fl_str_mv |
Lima, Alberto Sampaio Souza, José Neuman de Castelo Branco Júnior, Eliseu Ribas, Maristella |
dc.subject.por.fl_str_mv |
Information security management Fuzzy models Continual service improvement |
topic |
Information security management Fuzzy models Continual service improvement |
description |
The main objective of Information Security Management (ISM) is to align IT security with business security in all service and service management activities within an integrated strategy with corporate IT governance. To obtain a full IT-business alignment is still a challenge to managers. In continual service improvement (CSI) related activities, such as ISM, this problem is even more apparent. The actual impact upon business, due to lower quality results in ISM, is not apparent to top level executives. This article discusses an integration of ISM with a CSI approach and illustrates its benefits and gains. We proposed a value-based framework to evaluate the ISM process in a quantitative manner, whereby estimating the ISM value and quality indicators which can be used to input ISM and IT services performance in strategic planning tools. We discuss and illustrate the cause effect relation and innovations of this idea to common ISM practices. |
publishDate |
2013 |
dc.date.none.fl_str_mv |
2013 2022-11-25T14:23:23Z 2022-11-25T14:23:23Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/conferenceObject |
format |
conferenceObject |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
LIMA, A. S. et al. Towards value-based information security management monitoring. In: INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT, 2013, Gante. Anais... Gante, 2013. p. 1260-1267. http://www.repositorio.ufc.br/handle/riufc/69533 |
identifier_str_mv |
LIMA, A. S. et al. Towards value-based information security management monitoring. In: INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT, 2013, Gante. Anais... Gante, 2013. p. 1260-1267. |
url |
http://www.repositorio.ufc.br/handle/riufc/69533 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.publisher.none.fl_str_mv |
International Symposium on Integrated Network Management |
publisher.none.fl_str_mv |
International Symposium on Integrated Network Management |
dc.source.none.fl_str_mv |
reponame:Repositório Institucional da Universidade Federal do Ceará (UFC) instname:Universidade Federal do Ceará (UFC) instacron:UFC |
instname_str |
Universidade Federal do Ceará (UFC) |
instacron_str |
UFC |
institution |
UFC |
reponame_str |
Repositório Institucional da Universidade Federal do Ceará (UFC) |
collection |
Repositório Institucional da Universidade Federal do Ceará (UFC) |
repository.name.fl_str_mv |
Repositório Institucional da Universidade Federal do Ceará (UFC) - Universidade Federal do Ceará (UFC) |
repository.mail.fl_str_mv |
bu@ufc.br || repositorio@ufc.br |
_version_ |
1813029033312518144 |