Evaluation of Escalation Maturity Model for IT Security Risk Management: a design Science Work in Progress
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
2014 (English). In: 2014 Dewald Roode Workshop on Information System Security Research: conference proceedings / [ed] Anthony Vance, Laxenburg: IFIP, 2014, -22 p. Conference paper (Refereed)
Abstract [en]

In this early-stage paper we present a draft of an IT Security Risk Escalation Capability Maturity Model. This model is used to develop a new approach to IT Security Risk Management where IT Security Risk Management is placed as a recurring activity at all levels of the organization, including the strategic, tactical and operational levels. To construct this model we combined the ISO 27005 framework for IT Security Risk Management with the NIST Multitier framework and took elements from the ISAC IT Risk framework. We end our paper with an outline of our current plans to evaluate this escalation maturity model by using expert groups to rank outcomes of response to similar IT incidents by different organizations that have been ranked according to this maturity model. In this way we hope to establish if there are correlations as to the maturity level of an organization and how well it responds to an IT incident.

Place, publisher, year, edition, pages
Laxenburg: IFIP, 2014. -22 p.
Keyword [en]
Incident escalation, Maturity models, IT security risk management, IT security risk monitoring, IT security risk communication
National Category
Information Systems
Research subject
Computer and Systems Sciences
URN: urn:nbn:se:su:diva-114727
OAI: diva2:793837
The 2014 Dewald Roode Workshop on Information Systems Security Research, IFIP WG8.11/WG11.13
Available from: 2015-03-09 Created: 2015-03-09 Last updated: 2015-03-16 Bibliographically approved

By author/editor
Wahlgren, Gunnar; Kowalski, Stewart