Information Security Evaluation

A Holistic Approach


From Igli Tashi and Solange Ghernaouti


EPFL Press - Collection: Management of Technology - 2011-06-17

    • Paper book

      72,00 €


    Information systems have become a critical element of every organization, emphasizing the need for a reliable and secure ICT infrastructure for companies whose principal asset and added value is information. This book proposes a global and systemic multidimensional integrated approach to the holistic evaluation of the information security posture of an organization. The Information Security Assurance Assessment Model (ISAAM) presented in this book is based on, and integrates, a number of information security best practices, standards, methodologies and sources of research expertise, in order to provide a generic model that can be implemented in organizations of all kinds as part of their efforts towards better governing their information security. This approach will contribute to improving the identification of security requirements, measures and controls. At the same time, it provides a means of enhancing the recognition of evidence related to the assurance, quality and maturity levels of the organisation's security posture, thus driving improved security effectiveness and efficiency.


    • What is Information Security?
    • Risk Management versus Security Management
    • Information Security Assurance: an Assessment Model
    • Evaluating the Organizational Dimension
    • Evaluating the Functional Dimension
    • Evaluating the Human Dimension
    • Evaluating the Compliance Dimension
    • Concluding Remarks
    • Bibliography
    • Index of Keywords and Concepts


    • Information

    Available media

    • Paper book

      layout 160 x 240, 220 pagesIn stock

    Integrate this product on your site

    → Copy to memory :