Access the full text.
Sign up today, get DeepDyve free for 14 days.
日本規格協会 (2002)
情報セキュリティマネジメントシステム : 仕様及び利用の手引 : 英国規格 : BS7799-2:2002 = Information security management systems : specification with guidance for use : british standards : BS 7799-2:2002
R.C. Reid, S.A. Floyd
Extending the risk analysis model to include market insurance
R. Weber
Information System Control and Audit
E. Schultz, R. Proctor, M. Lien, G. Salvendy (2001)
Usability and Security An Appraisal of Usability Issues in Information Security MethodsComput. Secur., 20
Marie Wright (1999)
Third generation risk management practicesComputer Fraud & Security, 1999
ISO/IEC 17799
Information Technology Code of Practice for Information Services
M. Eloff, S. Solms (2000)
Information Security Management: An Approach to Combine Process Certification And Product EvaluationComput. Secur., 19
J. Sherwood (1996)
SALSA: A method for developing the enterprise security architecture and strategyComput. Secur., 15
F. Luthans, R. Schonberger, R. Morey (1976)
Introduction to management : a contingency approach
Ma. Salas, A. Kaplan (1967)
The Conduct of Inquiry
R. Drazin, A. Ven (1985)
Alternative forms of fit in contingency theory.Administrative Science Quarterly, 30
Randall Reid, Stephen Floyd (2001)
Refereed Extending the Risk Analysis Model to Include Market-InsuranceComputers & Security, 20
J. Tudor (2000)
Information Security Architecture
BS 7799‐2
Information Security Management Part 2: Specification for Information Security Management Systems
D. Gollmann (2010)
Computer securityWiley Interdisciplinary Reviews: Computational Statistics, 2
S. Garfinkel, Gene Spafford (1991)
Practical UNIX Security
Mukul Gupta, A. Chaturvedi, S. Mehta, L. Valeri (2000)
The experimental analysis of information security management issues for online financial services
M. Smith (1989)
Computer security-threats, vulnerabilities and countermeasuresInformation Age archive, 11
R. Solms, H. Haar, S. Solms, W. Caelli (1994)
A framework for information security evaluationInf. Manag., 26
日本規格協会 (2000)
情報技術 : 情報セキュリティ管理実施基準 : 国際規格 : ISO/IEC 17799 = Information technology : code of practice for infromation security management : international standard : ISO/IEC 17799
Nancy Flynn (2001)
The e-policy handbook : designing and implementing effective e-mail, internet, and software policies
COBIT
COBIT: Control Objectives
M.E. Kabay
The NCSA Guide to Enterprise Security
S. Lee, F. Luthans, D. Olson (1982)
A management science approach to contingency models of organizational structure.Academy of Management journal. Academy of Management, 25 3
S.P. Robbins
Management
With the popularity of electronic commerce, many organizations are facing unprecedented security challenges. Security techniques and management tools have caught a lot of attention from both academia and practitioners. However, there is lacking a theoretical framework for information security management. This paper attempts to integrate security policy theory, risk management theory, control and auditing theory, management system theory and contingency theory in order to build a comprehensive theory of information security management (ISM). This paper suggests that an integrated system theory is useful for understanding information security management, explaining information security management strategies, and predicting management outcomes. This theory may lay a solid theoretical foundation for further empirical research and application.
Information Management & Computer Security – Emerald Publishing
Published: Dec 1, 2003
Keywords: Control systems; Risk management; Systems theory; Contingency planning
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.