IDEAS home Printed from https://ideas.repec.org/h/spr/spochp/978-1-4419-1636-5_5.html
   My bibliography  Save this book chapter

A Security Assurance Model to Holistically Assess the Information Security Posture

In: Complex Intelligent Systems and Their Applications

Author

Listed:
  • Igli Tashi

    (University of Lausanne)

  • Solange Ghernaouti-Hélie

    (University of Lausanne)

Abstract

Summary Managing Information Security (InfoSec) within an organization is becoming a very complex task. Currently, InfoSec Assessment is performed by using frameworks, methodologies, or standards which consider separately the elements related to security. Unfortunately, this is not necessarily effective because it does not take into consideration the necessity of having a global and systemic, multidimensional approach to ICT Security evaluation. This is mainly because the overall security level is only as strong as the weakest link. This chapter proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat takes advantage of the weakest link. Then a formalized structure taking into account all security elements is presented. The proposed model is based on, and integrates, a number of security best practices and standards that permit the definition of a reliable InfoSec framework. At this point an assessment process should be undertaken, the result of which will be the assurance that InfoSec is adequately managed within the organization. The added value of this model is that it is simple to implement and responds to concrete needs in terms of reliance upon efficient and dynamic evaluation tools and through a coherent evaluation system.

Suggested Citation

  • Igli Tashi & Solange Ghernaouti-Hélie, 2010. "A Security Assurance Model to Holistically Assess the Information Security Posture," Springer Optimization and Its Applications, in: Fatos Xhafa & Leonard Barolli & Petraq J. Papajorgji (ed.), Complex Intelligent Systems and Their Applications, chapter 0, pages 83-108, Springer.
    • Handle: RePEc:spr:spochp:978-1-4419-1636-5_5
    DOI: 10.1007/978-1-4419-1636-5_5
    as

    Download full text from publisher

    To our knowledge, this item is not available for download. To find whether it is available, there are three options:
    1. Check below whether another version of this item is available online.
    2. Check on the provider's web page whether it is in fact available.
    3. Perform a search for a similarly titled item that would be available.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:spochp:978-1-4419-1636-5_5. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.