EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

An information security control assessment methodology for organizations' financial information

Angel R. Otero

International Journal of Accounting Information Systems, 2015, vol. 18, issue C, 26-45

Abstract: In an era where dependence of information systems is significantly high, the threat of incidents related to information security that could jeopardize financial information held by organizations is serious. Alarming facts within the literature point to inadequacies in information security practices, particularly the evaluation of information security controls in organizations. Research efforts have resulted in various methodologies developed to deal with the information security controls assessment problem. A closer look at these traditional methodologies highlights various weaknesses that prevent an effective information security controls assessment in organizations. This paper develops a methodology that addresses such weaknesses when evaluating information security controls in organizations' financial systems. The methodology uses the fuzzy set theory which allows for a more accurate assessment of imprecise criteria than traditional methodologies. It is argued that using the fuzzy set theory to evaluate information security controls in organizations addresses existing weaknesses identified in the literature and leads to a more precise assessment. This, in turn, results in a more effective selection of information security controls and enhanced information security in organizations. The main contribution of this research is the development of a fuzzy set theory-based assessment methodology that provides for a thorough evaluation of information security controls in organizations. Overall, the methodology presented herein proved to be a feasible technique for evaluating information security controls in organizations' financial systems.

Keywords: Assessment; Design science research; Evaluation; Fuzzy logic; Fuzzy set theory; Information security controls (search for similar items in EconPapers)
Date: 2015
References: View complete reference list from CitEc
Citations: View citations in EconPapers (1)

Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S1467089515000238
Full text for ScienceDirect subscribers only

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:eee:ijoais:v:18:y:2015:i:c:p:26-45

DOI: 10.1016/j.accinf.2015.06.001

Access Statistics for this article

International Journal of Accounting Information Systems is currently edited by S.V. Grabski

More articles in International Journal of Accounting Information Systems from Elsevier
Bibliographic data for series maintained by Catherine Liu ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:eee:ijoais:v:18:y:2015:i:c:p:26-45