Title :
Information Security Management is Not Only Risk Management
Author :
Tashi, Igli ; Solange Ghernouti-Helie
Author_Institution :
Univ. of Lausanne, Lausanne
Abstract :
The paper considers and discusses two closely related concepts and process, namely risk management and security management. Practically, there is a tendency to consider risk management as a plenty process capable to protect information assets. Based on the literature and international standards, the paper gives an overview of all the aspects and activities related to both processes. risk management and security management are analyzed in order to point out their particularities and similitudes. The paper aims to clarify both concepts focusing on an operational, organizational and conceptual point of view by explaining which are the differences and why these two process can not been conceived or operated separately.
Keywords :
information management; risk management; security of data; information asset protection; information security management; international standards; risk management; Conference management; Environmental economics; Environmental management; Information management; Information security; Internet; Monitoring; Protection; Risk analysis; Risk management; Complex Environments; IS Management effectiveness and efficiency.; ISMS components; Information Security (IS) Management; Risk Management; Risk analysis;
Conference_Titel :
Internet Monitoring and Protection, 2009. ICIMP '09. Fourth International Conference on
Conference_Location :
Venice/Mestre
Print_ISBN :
978-1-4244-3839-6
Electronic_ISBN :
978-0-7695-3612-5
DOI :
10.1109/ICIMP.2009.31
