Approach of Determining Process Maturity in Information Security Management Systems
Michael Matthias Naumann,
Fabian Pitz,
Georg Sven Lampe and
Stelian Mircea Olaru
Additional contact information
Michael Matthias Naumann: Bucharest University of Economic Studies, Bucharest, Romania
Fabian Pitz: Bucharest University of Economic Studies, Bucharest, Romania
Georg Sven Lampe: Bucharest University of Economic Studies, Bucharest, Romania
Stelian Mircea Olaru: Bucharest University of Economic Studies, Bucharest, Romania
PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON ECONOMICS AND SOCIAL SCIENCES, 2024, vol. 6, issue 1, 221-230
Abstract:
Companies today face the essential task of keeping their business processes compliant and of identifying and minimising possible risks. Considering the process maturity of a company's management systems is therefore an important way to see at a glance the status of processes and of implemented requirements. With maturity levels, numbers and metrics give a quick view of the overall condition and can be used to derive both measures and compliance with requirements. For an information security management system (ISMS), a general process view and an evaluation based on it are lacking, and with them a holistic view beyond the detailed requirements and hard facts. The paper looks at the status of existing, industry-specific maturity approaches for information security management systems and analyses the possibilities for adaptation. Furthermore, based on the evaluation, a maturity model for the ISMS is proposed to provide companies with key figures over time regarding minimum requirements and certification conformity. A mapping to standards such as CMMI for the classification of the maturity level, and similar solutions and implementations, are considered. The paper is intended to show that a concept can be used to calculate a percentage maturity level that represents the information security level in the company and makes the resulting information security risks visible. The results of this research show that the proposed approach for a unified method will help to report the maturity of information security management system processes, in combination with conformity and security risk, to the decision makers in companies.
Keywords: process maturity level; information security management system; maturity level assessment.
JEL-codes: D81 L15 L21 M15 M42 O33
Date: 2024
Downloads:
https://www.icess.ase.ro/approach-of-determining-p ... -management-systems/ (application/pdf)
Persistent link: https://EconPapers.repec.org/RePEc:rom:conase:v:6:y:2024:i:1:p:221-230
More articles in PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON ECONOMICS AND SOCIAL SCIENCES from Bucharest University of Economic Studies, Romania Contact information at EDIRC.
Bibliographic data for series maintained by Zamfir Andreea.