2008
Постійне посилання на розділhttps://repository.kpi.kharkov.ua/handle/KhPI-Press/30152
Переглянути
Документ A procedure model for evaluating IT-security investments(NTU "KhPI", 2008) Grob, H. L.; Strauch, G.; Buddendick, C.The security of information systems is a vital factor for companies nowadays. In order to achieve an adequate level of security, a variety of distinct measures is available, ranging from technical meas-ures to organizational measures. In near past suitable methods for decision support especially for the assessment of the profitability of IT-security investments have been developed. But integrated procedure models for a complete it-security controlling can neither be found in literature nor in practice. With this article, we propose a method framework that enables the analysis of the results of alternative security investments from a process-oriented perspective. As a basis, we have conducted an in-deep analysis of the state-of-the-art in the fields of IT-Business-Alignment and IT-security management in order to identify suitable concepts for the framework. A special focus lies on the requirements of IT-security controlling of critical business processes.