
A Modern Approach on Information Security Measurement

ISSE 2012 Securing Electronic Business Processes

Abstract

What can’t be measured can’t be managed. This old management wisdom is gaining importance in information security management. The key problem in most organizations is that no one is able to state whether the whole security management system works top down across all management levels. Security managers mostly collect information about technical goals and other controls applied in an ISO 27001 ISMS. We think less than 10% can prove success down to the last level. The approach described in this text presents a model that enables all managers to measure the success of security throughout the whole organization.



Author information


Correspondence to Frederik Humpert-Vrielink.


Copyright information

© 2012 Springer Fachmedien Wiesbaden

About this chapter

Cite this chapter

Humpert-Vrielink, F., Vrielink, N. (2012). A Modern Approach on Information Security Measurement. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2012 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00333-3_5


  • DOI: https://doi.org/10.1007/978-3-658-00333-3_5

  • Publisher Name: Springer Vieweg, Wiesbaden

  • Print ISBN: 978-3-658-00332-6

  • Online ISBN: 978-3-658-00333-3

  • eBook Packages: Computer Science, Computer Science (R0)
