Abstract
The present article is aimed at clarifying the oft-times confusing terminology and at elucidating the various approaches obtaining to the realm of Information Security (IS) management. The IS management approaches selected for discussion in this article will specifically address those rudiments and concepts that play a key role in the assessment of the IS status of an organization. Following, a hierarchical framework will be developed in terms of which to elucidate ill-defined terms and concepts. By so doing, issues such as certification, benchmarking, guidelines and codes of practice will come under consideration. IS management approaches widely accepted in the international arena will also be mapped onto the said hierarchical framework.
Original language | English |
---|---|
Pages (from-to) | 243-256 |
Number of pages | 14 |
Journal | Computers and Security |
Volume | 19 |
Issue number | 3 |
DOIs | |
Publication status | Published - 1 Mar 2000 |
ASJC Scopus subject areas
- General Computer Science
- Law