@inproceedings{878f31f081ca4d098e693baa877d60b8,
title = "Information security: Process evaluation and product evaluation",
abstract = "Effective management in any organisation requires a holistic approach in focusing on information security. Senior managers have to know how well their organisations are perfonning as measured against internationally accepted best practices. Part of the information security management problem is that it is viewed either from a technological perspective focussing on product evaluation only, or from a procedural and management perspective focussing on evaluation of the management processes. This paper aims to provide a consolidated perspective that takes both these aspects into consideration when measuring and evaluating the information security level of an organisation.",
keywords = "Certification, Code of practice, Controls, Evaluation criteria, Guideline, Process evaluation, Product evaluation, Standards",
author = "Eloff, {M. M.} and {von Solms}, {S. H.}",
note = "Publisher Copyright: {\textcopyright} IFIP International Federation for Information Processing 2000.; 16th IFIP World Computer Congress, WCC 2000 ; Conference date: 21-08-2000 Through 25-08-2000",
year = "2017",
doi = "10.1007/978-0-387-35515-3_2",
language = "English",
isbn = "9781475754797",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer New York LLC",
pages = "11--18",
editor = "Eloff, {Jan H.P.} and Sihan Qing",
booktitle = "Information Security for global information infrastructures IFIP TC11- 16th Annual Working Conference on Information Security, 2000",
}