An Approach for the Assessment of the Information Security and Its Measures
Kiran Kumar Kommineni¹, Adimulam Yesu Babu²
¹Mr. Kiran Kumar Kommineni, Lecturer, Department of Information Technology, Bapatla Engineering College, Bapatla, Guntur, AP, India.
²Dr. Adimulam Yesu Babu, I/c Principal and Professor in Computer Science & Engineering, Sir. CR Reddy College of Engineering, Eluru, West Godavari (Dt), AP, India.
Manuscript received on February 05, 2013. | Revised Manuscript received on February 27, 2013. | Manuscript published on March 05, 2013. | PP: 77-80 | Volume-3 Issue-1, March 2013. | Retrieval Number: A1304033113/2013©BEIESP
© The Authors. Published By: Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: The information security management standard requires enterprises to undertake regular reviews of the effectiveness of their information security management system. According to ISO, the effectiveness of the implemented information security controls is to be reviewed to verify that the security requirements, according to the business objectives, have been met. This paper focuses on identifying a set of assessment measures that could be used to assess information security readiness against the recommended security controls of the information security management standard. It presents suitable security measures that could be used as input to an analytical model for numerically assessing enterprise information security.
Keywords: Information Security; Risk management; Assessment; Measures; ISO.