 A Mark-Up Language for the Specification of Information Security Governance RequirementsAnirban Sengupta and
Chandan Mazumdar
International Journal of Information Security and Privacy (IJISP), 2011, vol. 5, issue 2, 33-53 Abstract: As enterprises become dependent on information systems, the need for effective Information Security Governance (ISG) assumes significance. ISG manages risks relating to the confidentiality, integrity and availability of information, and its supporting processes and systems, in an enterprise. Even a medium-sized enterprise contains a huge collection of information and other assets. Moreover, risks evolve rapidly in today’s connected digital world. Therefore, the proper implementation of ISG requires automation of the various monitoring, analysis, and control processes. This can be best achieved by representing information security requirements of an enterprise in a standard, structured format. This paper presents such a structured format in the form of Enterprise Security Requirement Markup Language (ESRML) Version 2.0. It is an XML-based language that considers the elements of ISO 27002 best practices. Date: 2011 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:igg:jisp00:v:5:y:2011:i:2:p:33-53 Access Statistics for this article International Journal of Information Security and Privacy (IJISP) is currently edited by Yassine Maleh More articles in International Journal of Information Security and Privacy (IJISP) from IGI Global |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.