IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

A Holistic Approach to Information Security Assurance and Risk Management in an Enterprise

Author(s): Roy Ng (Ryerson University, Canada)
Copyright: 2009
Pages: 13
Source title: Handbook of Research on Information Security and Assurance
Source Author(s)/Editor(s): Jatinder N. D. Gupta (The University of Alabama in Huntsville, USA) and Sushil Sharma (Ball State University, USA)
DOI: 10.4018/978-1-59904-855-0.ch005


Abstract

The hypergrowth of computing and communications technologies increases the security vulnerabilities of organizations. The lack of resources training, the complexity of new technologies, and the slow legislation process to deter the breach of security all contribute to the trend of increasing security risk in an enterprise. Traditional approaches to risk assessment that focus on either the departmental or branch level lack an enterprise perspective. Many organizations assess and mitigate security risks from a technology perspective and deploy technology solutions. This approach ignores the importance of assessing security risk in policy and execution. This chapter discusses a systematic and holistic approach to managing security risk: an approach that utilizes the information life cycle and information assurance (IA) assessment points to create policy, monitor and audit security performance, regulate, and initiate corrective action to minimize vulnerabilities. An “information life cycle” is proposed, with its stage value and the underlying security operatives (gate-points) that protect the information. An information assurance framework and its functions to audit the information security implemented in an enterprise are also proposed. Organizations must assess the value and the business impact of the information, so that an optimal and effective security system and security assurance can be designed.
