Non risk assessment information security assurance model
This article presents an information assurance model based on a non-risk-assessment model. The model is based on the diligence model, where assurance is achieved by using threat and vulnerability reviews and countermeasures based on tangible best practices. An information security program can be initiated based on one of three models: benchmarks, risk assessment, and the diligence model. The article presents the three models, then adopts the last one to build an information assurance security model based on layering levels.