Part I: The Inhibiting Role of Unrealistic Optimism in Providers’ IT Security Risk Management

Author(s): André Loske
2013, Vol 4 (4), pp. 1-19
Author(s): Gunnar Wahlgren, Stewart Kowalski

The authors combined the ISO 27005 framework for IT Security Risk Management with the NIST Multitier framework. With this combined framework the authors create a new approach to IT Security Risk Management in which IT Security Risk Management is placed at the strategic, tactical and operational levels of an organization. In this paper the authors concentrate on the monitoring and communication steps of IT Security Risk Management, and especially on the escalation of new IT Security Incidents. The authors present a first draft of an IT Security Risk Escalation Capability Maturity Model based on ISACA's Risk IT Framework. Finally, the authors apply the approach to a typical cloud computing environment as a first step in evaluating this new approach.


2007, Vol 44 (1), pp. 1-16
Author(s): Wei T. Yue, Metin Çakanyıldırım, Young U. Ryu, Dengpan Liu
