Information Security Metrics: State of the Art: State of the art
2011 (English)Other (Other (popular science, discussion, etc.))
Rapporten är en sammanställning och analys av forskning inom säkerhetsmetriker
Managing something that is not measured is difficult to near impossible and Information Security is not an exception. Effective measurement and reporting are required in order to demonstrate compliance, improve effectiveness and efficiency of controls, and ensure strategic alignment in an objective, reliable, and efficient manner.
The main purpose of the report is to examine the present state of the art of information security measurement from an organizational standpoint and to present the reader with enough relevant information so as to facilitate a holistic understanding of the area.
To a lesser degree, this document may be used as a high-level guidance on the common challenges of information security measurement and possible ways for addressing them, and on where to find more in-depth information on the subject.
This report is produced as part of the Controlled Information Security (COINS) research project funded by the Swedish Civil Contingencies Agency (MSB).
Place, publisher, year, edition, pages
Information Security, Security Governance, Security Management, Security Metrics, Security Measures, Security Measurement.
Research subject Computer and Systems Sciences
IdentifiersURN: urn:nbn:se:su:diva-67147OAI: oai:DiVA.org:su-67147DiVA: diva2:469570
rapport från projekt COINS2011-12-262011-12-26