Information Security Maturity as an Integral Part of ISMS based Risk Management Tools

Ben Fetler, Carlo Harpes

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    53 Downloads (Pure)

    Abstract

    Measuring the continuous improvement of Information Security Management Systems (ISMS) is often neglected as most organizations do not know how to extract key-indicators that could be used for this purpose. The underlying work presents a six-level maturity model which can be fully integrated in a risk management tool and helps to define key indicators for measuring the improvement of an ISMS. Furthermore, the proposed model establishes on how far the increase of maturity can help to mitigate information security risks and finally, a cost-benefit equation is presented which can be used to quantitatively justify the increase of maturity of an ISMS and to establish an action plan increasing the maturity.
    Original languageEnglish
    Title of host publicationSECURWARE 2016, The Tenth International Conference on Emerging Security Information, Systems and Technologies
    Place of PublicationNice, France
    PublisherXpert Publishing Services
    Pages295-298
    Number of pages4
    ISBN (Print)978-1-61208-493-0
    Publication statusPublished - 24 Jul 2016

    Publication series

    Name
    PublisherXpert Publishing Services
    ISSN (Print)2162-2116

    Keywords

    • EC Grant Agreement nr.: FP7/318003
    • EC Grant Agreement nr.: FP7/2007-2013
    • IR-101547
    • METIS-318531
    • EWI-27243

    Fingerprint Dive into the research topics of 'Information Security Maturity as an Integral Part of ISMS based Risk Management Tools'. Together they form a unique fingerprint.

  • Cite this

    Fetler, B., & Harpes, C. (2016). Information Security Maturity as an Integral Part of ISMS based Risk Management Tools. In SECURWARE 2016, The Tenth International Conference on Emerging Security Information, Systems and Technologies (pp. 295-298). Nice, France: Xpert Publishing Services.