Towards a Systematic Approach for Improving Information Security Risk Management Methods

The management of information security risk is a major concern of organizations worldwide. Although, the number of existing information security risk management methods is enormous, in practice a lot of time, effort and knowledge are invested by organizations in the process of creating new informati...

Full description

Saved in:
Bibliographic Details
Main Authors: Papadaki, K., Polemi, N.
Format: Conference Proceeding
Language:English
Subjects:
Design methodology
Information management
Information security
Iterative methods
Land mobile radio
Mobile communication
Process control
Radio spectrum management
Risk management
Software engineering
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The management of information security risk is a major concern of organizations worldwide. Although, the number of existing information security risk management methods is enormous, in practice a lot of time, effort and knowledge are invested by organizations in the process of creating new information security risk management methods. Surprisingly, the study of literature reveals a lack of sufficient research concerning the process of developing new, or improving existing, information security risk management methods. Therefore, in this paper we operate within the paradigm of design science research in order to propose a systematic process for the development of new, or improvement of existing, information security risk management methods. Furthermore, this effort emphasizes the effective utilization of pre-existing and new knowledge on information security risk management created throughout the process.
ISSN:2166-9570
DOI:10.1109/PIMRC.2007.4394150