The Management of Security: How Robust is the Justification Process?

Cited by: 0
Author
Giovanni Manunta
Affiliation
Senior Lecturer and academic leader of the MSc in Corporate Security Management in the Cranfield Security Centre, RMCS Shrivenham
Keywords
Decision-making process; justification; methodology; risk; security
DOI
10.1057/palgrave.sj.8340152
Abstract
Security management literature pays considerable attention to the process of justifying security-related decisions in the context of an organisation. This process, which is widely assumed as being subject to management considerations and obtained by means of managerial techniques, is frequently related to a financial comparison of a posteriori and a priori assessments of a given security initiative. The application of this paradigm might raise issues of knowledge, rationality and reliability, thus opening the door to weaknesses in matters of blame and liability. This paper identifies a number of these weaknesses, with a view to assisting security managers in strengthening their case and, hopefully, instigating more academic research.
Pages: 33 / 43
Number of pages: 10
Related papers
50 items in total
  • [21] Terminology for Process Safety, Security, and Risk Management
    Baybutt, Paul
    PROCESS SAFETY PROGRESS, 2014, 33 (04) : 405 - 406
  • [22] Model Driven Implementation of Security Management Process
    Mozzaquatro, Bruno A.
    Jardim-Goncalves, Ricardo
    Agostinho, Carlos
    MODELSWARD: PROCEEDINGS OF THE 5TH INTERNATIONAL CONFERENCE ON MODEL-DRIVEN ENGINEERING AND SOFTWARE DEVELOPMENT, 2017, : 229 - 238
  • [23] Ethical hacking: The security justification redux
    Smith, B
    Yurcik, W
    Doss, D
    SOCIAL IMPLICATIONS OF INFORMATION AND COMMUNICATION TECHNOLOGY, PROCEEDINGS, 2002, : 374 - 379
  • [24] Evaluation Process Management Software for Security Evaluation
    Razzazi, Mohammadreza
    Tahouri, Ali
    Fayazbakhsh, Kaveh
    2008 3RD INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGIES: FROM THEORY TO APPLICATIONS, VOLS 1-5, 2008, : 1628 - 1631
  • [25] Definition of security requirement items and its process to security and progress management
    Lee, Eun Ser
    Hwang, Sun-myoung
    INTELLIGENT CONTROL AND AUTOMATION, 2006, 344 : 1084 - 1089
  • [26] Blockchain-based automated and robust cyber security management
    He, Songlin
    Ficke, Eric
    Pritom, Mir Mehedi Ahsan
    Chen, Huashan
    Tang, Qiang
    Chen, Qian
    Pendleton, Marcus
    Njilla, Laurent
    Xu, Shouhuai
    JOURNAL OF PARALLEL AND DISTRIBUTED COMPUTING, 2022, 163 : 62 - 82
  • [27] KNOWING HOW TO BELIEVE WITH JUSTIFICATION
    REYNOLDS, SL
    PHILOSOPHICAL STUDIES, 1991, 64 (03) : 273 - 292
  • [28] A role-based process security model in business process management
    Kim, Kwanghoon
    Kim, Changmain
    Advances in Computational Methods in Sciences and Engineering 2005, Vols 4 A & 4 B, 2005, 4A-4B : 1596 - 1599
  • [29] Reengineering Cyber Security Process: A New Perspective on Cyber Security Quality Management
    Sharbaf, Mehrdad S.
    IEEE 17TH INT CONF ON DEPENDABLE, AUTONOM AND SECURE COMP / IEEE 17TH INT CONF ON PERVAS INTELLIGENCE AND COMP / IEEE 5TH INT CONF ON CLOUD AND BIG DATA COMP / IEEE 4TH CYBER SCIENCE AND TECHNOLOGY CONGRESS (DASC/PICOM/CBDCOM/CYBERSCITECH), 2019, : 332 - 337
  • [30] Implementation of IT Security and Risk Management Process for an Academic Platform
    Haz, Lidice
    Flores Moran, Manuel Eduardo
    Acaro, Ximena
    Julio Guzman, Carlos
    Espin, Luis
    DIGITAL SCIENCE, 2019, 850 : 379 - 386