 An integrated system for information security management with the unified frameworkTsung-Han Yang, Cheng-Yuan Ku and Man-Nung Liu Journal of Risk Research, 2016, vol. 19, issue 1, 21-41 Abstract: Information security management plays an essential role for drawing the roadmap of information security; thus, many theoretical methodologies and practical standards are brought into this domain. However, many standards and methodologies are too cumbersome to be adopted by an organization. Additionally, there is no unified framework to systematically handle the tedious tasks of information security management. This study's primary goal is to design an integrated system for information security management (ISISM) that aims to use current methodologies and standards to solve the above-mentioned issues. Because business impact analysis and risk analysis are the most important areas within this domain, we carefully select the related methods and then integrate them into a unified framework, upon which the proposed ISISM depends. To achieve this outcome for this study, security requirement engineering is adopted, which enables the designed system to support system users in generating risk assessment reports with related information security policies. Date: 2016 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:taf:jriskr:v:19:y:2016:i:1:p:21-41 Ordering information: This journal article can be ordered from DOI: 10.1080/13669877.2014.940593 Access Statistics for this article Journal of Risk Research is currently edited by Bryan MacGregor More articles in Journal of Risk Research from Taylor & Francis Journals |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.