تقرير
An Adaptable Maturity Strategy for Information Security
| العنوان: | An Adaptable Maturity Strategy for Information Security |
|---|---|
| المؤلفون: | Alencar, Gliner Dias, de Moura, Hermano Perrelli, Júnior, Ivaldir Honório de Farias, Filho, José Gilson de Almeida Teixeira |
| المصدر: | Journal of Convergence Information Technology (JCIT), Volume 13, Number 2, Jun. 2018, p. 1-12. ISSN 1975-9320 (Print) 2233-9299 (Online). Retrieved from http://www.globalcis.org/dl/citation.html?id=JCIT-4403 |
| سنة النشر: | 2018 |
| المجموعة: | Computer Science |
| مصطلحات موضوعية: | Computer Science - Cryptography and Security |
| الوصف: | The lack of security in information systems has caused numerous financial and moral losses to several organizations. The organizations have a series of information security measures recommended by literature and international standards. However, the implementation of policies, actions, and adjustment to such standards is not simple and must be addressed by specific needs identified by the Information Security Governance in each organization. There are many challenges in effectively establishing, maintaining, and measuring information security in a way that adds value. Those challenges demonstrate a need for further investigations which address the problem. This paper presents a strategy to measure the maturity in information security aiming, also, to assist in the application and prioritization of information security actions in the corporate environment. For this, a survey was used as the main methodological instrument, reaching 157 distinct companies. As a result, it was possible to classify the ISO/IEC 27001 and 27002 controls in four stages according to the importance given by the companies. The COBIT maturity levels and a risk analysis matrix were also used. Finally, the adaptable strategy was successfully tested in a company Comment: Journal of Convergence Information Technology (JCIT), Volume 13, Number 2, Jun. 2018, p. 1-12 |
| نوع الوثيقة: | Working Paper |
| URL الوصول: | http://arxiv.org/abs/1807.06184 |
| رقم الأكسشن: | edsarx.1807.06184 |
| قاعدة البيانات: | arXiv |
| الوصف غير متاح. |