Abstract | ||
---|---|---|
Recently, organizations started to realize that managing information security is more than a software solution; it is a strategic discipline. This realization has emerged a major challenge in the business and technology field, the integration of all governance, risk, and compliance (GRC) activities to operate in synergy and balance in configuration with the business and security objectives. The goal of this paper is to develop a comprehensive ICT security management framework as a unified platform against the evolving GRC complexity. Considering the endemic nature of risk, the risk approach requires periodical rethinking in order to keep pace with security changes and prevent undesirable incidents while preserving the stakeholders' interests continuously. Such an approach depends on the risk management maturity level, and the portfolio of monitoring controls. |
Year | Venue | Keywords |
---|---|---|
2010 | SECRYPT 2010: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY | Risk Management,ICT security,Information system controls |
Field | DocType | Citations |
Security convergence,Computer science,Computer security,Asset (computer security),Certified Information Security Manager,Security service,Information security management,Security information and event management,Threat,Security management | Conference | 0 |
PageRank | References | Authors |
0.34 | 0 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Aristeidis Chatzipoulidis | 1 | 3 | 1.73 |
Ioannis Mavridis | 2 | 240 | 27.01 |