DocumentCode :
3372059
Title :
Strategic Planning for Information Security and Assurance
Author :
Port, Daniel ; Kazman, Rick ; Takenaka, Ann
Author_Institution :
Dept. of Inf. Technol. Manage., Hawaii Univ., Hilo, HI
fYear :
2008
fDate :
24-26 April 2008
Firstpage :
466
Lastpage :
471
Abstract :
Dealing with risk is critical to the success of any information security and assurance endeavor. With society\´s ever-increasing dependence on large-scale information systems, dealing with security risk is a topic of considerable importance and attention. It is generally infeasible to provide "total security" for any information system. As a result, successful risk management must be strategically planned with regard to desired assurance levels and costs. In this paper we define the practices associated with strategic planning for managing information security and assurance. We provide a concrete and practical approach for generating such strategic plans that is provably optimal and robust.
Keywords :
information systems; risk management; security of data; strategic planning; information assurance; information security; large-scale information system; risk management; security risk; strategic planning; Conference management; Costs; Data security; Information management; Information security; Information technology; Management information systems; Risk management; Robustness; Strategic planning; security planning; security risk managament; strategic planning;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Security and Assurance, 2008. ISA 2008. International Conference on
Conference_Location :
Busan
Print_ISBN :
978-0-7695-3126-7
Type :
conf
DOI :
10.1109/ISA.2008.88
Filename :
4511612
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3372059
بازگشت