Abstract | ||
---|---|---|
Information Security Management Standards and Code of Practice provide guidance on good practice for security officers. However
there is still a significant gap between the security officer’s real world environment and the advice provided by information
security professionals and consultants.
This paper suggests that a uniform approach to security documentation may provide a first step in bridging that gap, and discusses
a proposed structure for such documentation. It is clear from this discussion, however, that a first attempt at security documentation
reveals a more fundamental problem, the lack of a working security model. Having documented the local security scenario, the
security officer requires some means to extract security relevant information, e.g. to advise management on the current state
of organizational security and to recommend security priorities. This paper concludes with a discussion on such a security
model.
|
Year | DOI | Venue |
---|---|---|
2001 | 10.1007/0-306-47007-1_10 | Conference on Information Security Management & Small Systems Security |
Keywords | DocType | ISBN |
Security Documentation,countermeasures,security documentation,security standards,security model.,risk analysis | Conference | 0-7923-7506-8 |
Citations | PageRank | References |
0 | 0.34 | 4 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Lam-for Kwok | 1 | 390 | 45.48 |
Peggy P. K. Fung | 2 | 0 | 0.34 |
Dennis Longley | 3 | 25 | 7.31 |