Considerations on the selection and prioritization of information security solutions
Maria Cristina Radulescu ()
Additional contact information
Maria Cristina Radulescu: Bucharest University of Economic Studies
The Audit Financiar journal, 2016, vol. 14, issue 137, 564
This paper provides a set of guidelines that can be used for prescribing a methodology or a detailed process for selecting and prioritizing security projects or solutions. It is based on the idea that costs of security solutions should be justified by their contribution to ensuring adequate protection of information resources in the organization which implements them. The article reviews general issues of security risks and costs, arguing the need for explicit consideration of information resources security requirements in order to validate decisions concerning security projects implementation. In such an approach, security requirements of information resources are used as a reference system to quantify the benefits and limitations of security solutions defined as alternative or complementary responses to certain security risks as their implementation faces budget constraints.
Keywords: Information security; security solution; information resource; security risk; efficiency (search for similar items in EconPapers)
JEL-codes: M15 O33 M40 D81 (search for similar items in EconPapers)
References: View complete reference list from CitEc
Citations Track citations by RSS feed
Downloads: (external link)
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX
RIS (EndNote, ProCite, RefMan)
Persistent link: https://EconPapers.repec.org/RePEc:aud:audfin:v:14:y:2016:i:137:p:564
Access Statistics for this article
More articles in The Audit Financiar journal from Chamber of Financial Auditors of Romania
Series data maintained by Dumitru Valentin Florentin ().