Abstract
What can't be measured can't be managed. This old management wisdom gains more importance in information security management. The key problem in most organizations is that no one can say whether the whole security management system works top down across all management levels. Security managers mostly collect information about technical goals and other controls applied in an ISO 27001 ISMS. We think fewer than 10% can prove success down to the last level. The approach described in this text presents a model that enables all managers to measure the success of security throughout the whole organization.
Copyright information
© 2012 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Humpert-Vrielink, F., Vrielink, N. (2012). A Modern Approach on Information Security Measurement. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2012 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00333-3_5
DOI: https://doi.org/10.1007/978-3-658-00333-3_5
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-00332-6
Online ISBN: 978-3-658-00333-3
eBook Packages: Computer Science (R0)