Critical Success Factors and Indicators to Improve Information Systems Security Management Actions
This chapter presents an Information Systems Security Management Framework (ISSMF) which encapsulates eleven Critical Success Factors (CSFs) along with a set of 62 indicators to properly manage and track the evolution of security management models. These CSFs have been identified as the most cited key factors published in the current information security literature. The set of indicators has been strictly designed for organizations seeking simple and fast alternatives to estimate current information systems security status. Furthermore, the authors have found that current organizations, particularly small and medium size enterprises, use reactive and irresponsible security strategies due to the scarcity of human and economic resources. Therefore, this chapter approaches security from a managerial perspective allowing systems administrators, especially those with a more technical profile, to build their personal balanced security scorecard choosing the CSFs and indicators that fit best in every case.