Source Information
Abstract
English
To establish an effective security strategy, business enterprises need a security benchmarking tool. Such a strategy helps to lessen the impact and damage of any threat. This study analyses many aspects of information security management and suggests a way to deal with security investments by considering important factors that affect a security manager's decision. To address the different threats resulting from a major cause of accidents inside an enterprise, we investigate an approach that follows ISO 17799. We unfold a criminology theory, General Deterrence Theory, which has designated many measures against the threat. The study proposes a coherent model of the theory to improve security measures, especially in handling and protecting company assets as well as human lives.
Table of Contents
1. Introduction
2. General Deterrence Theory
3. Interrelations among Security Standards, Compliance, Risks Analysis, Threats and Controls
3.1 Security Standards
3.2 Compliance
3.3 Risk Analysis
3.4 Threats
3.5 Controls
4. Modeling General Deterrence Theory
4.1 The Impact of General Deterrence Theory on Information Security Management
4.2 The Improved Security Action Cycle Model
4.3 Mitigations of Risks
5. Conclusion
Reference