Towards value-based information security management monitoring

Detalhes bibliográficos
Autor(a) principal: Lima, Alberto Sampaio
Data de Publicação: 2013
Outros Autores: Souza, José Neuman de, Castelo Branco Júnior, Eliseu, Ribas, Maristella
Tipo de documento: Artigo de conferência
Idioma: eng
Título da fonte: Repositório Institucional da Universidade Federal do Ceará (UFC)
Texto Completo: http://www.repositorio.ufc.br/handle/riufc/69533
Resumo: The main objective of Information Security Management (ISM) is to align IT security with business security in all service and service management activities within an integrated strategy with corporate IT governance. To obtain a full IT-business alignment is still a challenge to managers. In continual service improvement (CSI) related activities, such as ISM, this problem is even more apparent. The actual impact upon business, due to lower quality results in ISM, is not apparent to top level executives. This article discusses an integration of ISM with a CSI approach and illustrates its benefits and gains. We proposed a value-based framework to evaluate the ISM process in a quantitative manner, whereby estimating the ISM value and quality indicators which can be used to input ISM and IT services performance in strategic planning tools. We discuss and illustrate the cause effect relation and innovations of this idea to common ISM practices.
id UFC-7_cceef86ff297ebdeb6dff4a942b8d037
oai_identifier_str oai:repositorio.ufc.br:riufc/69533
network_acronym_str UFC-7
network_name_str Repositório Institucional da Universidade Federal do Ceará (UFC)
repository_id_str
spelling Towards value-based information security management monitoringInformation security managementFuzzy modelsContinual service improvementThe main objective of Information Security Management (ISM) is to align IT security with business security in all service and service management activities within an integrated strategy with corporate IT governance. To obtain a full IT-business alignment is still a challenge to managers. In continual service improvement (CSI) related activities, such as ISM, this problem is even more apparent. The actual impact upon business, due to lower quality results in ISM, is not apparent to top level executives. This article discusses an integration of ISM with a CSI approach and illustrates its benefits and gains. We proposed a value-based framework to evaluate the ISM process in a quantitative manner, whereby estimating the ISM value and quality indicators which can be used to input ISM and IT services performance in strategic planning tools. We discuss and illustrate the cause effect relation and innovations of this idea to common ISM practices.International Symposium on Integrated Network Management2022-11-25T14:23:23Z2022-11-25T14:23:23Z2013info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObjectapplication/pdfLIMA, A. S. et al. Towards value-based information security management monitoring. In: INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT, 2013, Gante. Anais... Gante, 2013. p. 1260-1267.http://www.repositorio.ufc.br/handle/riufc/69533Lima, Alberto SampaioSouza, José Neuman deCastelo Branco Júnior, EliseuRibas, Maristellaengreponame:Repositório Institucional da Universidade Federal do Ceará (UFC)instname:Universidade Federal do Ceará (UFC)instacron:UFCinfo:eu-repo/semantics/openAccess2022-11-25T14:23:23Zoai:repositorio.ufc.br:riufc/69533Repositório InstitucionalPUBhttp://www.repositorio.ufc.br/ri-oai/requestbu@ufc.br || repositorio@ufc.bropendoar:2024-09-11T19:00:48.401769Repositório Institucional da Universidade Federal do Ceará (UFC) - Universidade Federal do Ceará (UFC)false
dc.title.none.fl_str_mv Towards value-based information security management monitoring
title Towards value-based information security management monitoring
spellingShingle Towards value-based information security management monitoring
Lima, Alberto Sampaio
Information security management
Fuzzy models
Continual service improvement
title_short Towards value-based information security management monitoring
title_full Towards value-based information security management monitoring
title_fullStr Towards value-based information security management monitoring
title_full_unstemmed Towards value-based information security management monitoring
title_sort Towards value-based information security management monitoring
author Lima, Alberto Sampaio
author_facet Lima, Alberto Sampaio
Souza, José Neuman de
Castelo Branco Júnior, Eliseu
Ribas, Maristella
author_role author
author2 Souza, José Neuman de
Castelo Branco Júnior, Eliseu
Ribas, Maristella
author2_role author
author
author
dc.contributor.author.fl_str_mv Lima, Alberto Sampaio
Souza, José Neuman de
Castelo Branco Júnior, Eliseu
Ribas, Maristella
dc.subject.por.fl_str_mv Information security management
Fuzzy models
Continual service improvement
topic Information security management
Fuzzy models
Continual service improvement
description The main objective of Information Security Management (ISM) is to align IT security with business security in all service and service management activities within an integrated strategy with corporate IT governance. To obtain a full IT-business alignment is still a challenge to managers. In continual service improvement (CSI) related activities, such as ISM, this problem is even more apparent. The actual impact upon business, due to lower quality results in ISM, is not apparent to top level executives. This article discusses an integration of ISM with a CSI approach and illustrates its benefits and gains. We proposed a value-based framework to evaluate the ISM process in a quantitative manner, whereby estimating the ISM value and quality indicators which can be used to input ISM and IT services performance in strategic planning tools. We discuss and illustrate the cause effect relation and innovations of this idea to common ISM practices.
publishDate 2013
dc.date.none.fl_str_mv 2013
2022-11-25T14:23:23Z
2022-11-25T14:23:23Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/conferenceObject
format conferenceObject
status_str publishedVersion
dc.identifier.uri.fl_str_mv LIMA, A. S. et al. Towards value-based information security management monitoring. In: INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT, 2013, Gante. Anais... Gante, 2013. p. 1260-1267.
http://www.repositorio.ufc.br/handle/riufc/69533
identifier_str_mv LIMA, A. S. et al. Towards value-based information security management monitoring. In: INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT, 2013, Gante. Anais... Gante, 2013. p. 1260-1267.
url http://www.repositorio.ufc.br/handle/riufc/69533
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv International Symposium on Integrated Network Management
publisher.none.fl_str_mv International Symposium on Integrated Network Management
dc.source.none.fl_str_mv reponame:Repositório Institucional da Universidade Federal do Ceará (UFC)
instname:Universidade Federal do Ceará (UFC)
instacron:UFC
instname_str Universidade Federal do Ceará (UFC)
instacron_str UFC
institution UFC
reponame_str Repositório Institucional da Universidade Federal do Ceará (UFC)
collection Repositório Institucional da Universidade Federal do Ceará (UFC)
repository.name.fl_str_mv Repositório Institucional da Universidade Federal do Ceará (UFC) - Universidade Federal do Ceará (UFC)
repository.mail.fl_str_mv bu@ufc.br || repositorio@ufc.br
_version_ 1813029033312518144