AN ICT SECURITY MANAGEMENT FRAMEWORK
Aristeidis Chatzipoulidis, Ioannis Mavridis
2010
Abstract
Recently, organizations started to realize that managing information security is more than a software solution; it is a strategic discipline. This realization has emerged a major challenge in the business and technology field, the integration of all governance, risk, and compliance (GRC) activities to operate in synergy and balance in configuration with the business and security objectives. The goal of this paper is to develop a comprehensive ICT security management framework as a unified platform against the evolving GRC complexity. Considering the endemic nature of risk, the risk approach requires periodical rethinking in order to keep pace with security changes and prevent undesirable incidents while preserving the stakeholders’ interests continuously. Such an approach depends on the risk management maturity level, and the portfolio of monitoring controls.
DownloadPaper Citation
in Harvard Style
Chatzipoulidis A. and Mavridis I. (2010). AN ICT SECURITY MANAGEMENT FRAMEWORK . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010) ISBN 978-989-8425-18-8, pages 459-462. DOI: 10.5220/0002989304590462
in Bibtex Style
@conference{secrypt10,
author={Aristeidis Chatzipoulidis and Ioannis Mavridis},
title={AN ICT SECURITY MANAGEMENT FRAMEWORK},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)},
year={2010},
pages={459-462},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002989304590462},
isbn={978-989-8425-18-8},
}
in EndNote Style
TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)
TI - AN ICT SECURITY MANAGEMENT FRAMEWORK
SN - 978-989-8425-18-8
AU - Chatzipoulidis A.
AU - Mavridis I.
PY - 2010
SP - 459
EP - 462
DO - 10.5220/0002989304590462