IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Security Excellence: Fusing Security Metrics into a Business Excellence Model

Author(s): Clemens Martin (University of Ontario Institute of Technology, Canada) and Anasuya Bulkan (University of Ontario Institute of Technology, Canada)
Copyright: 2007
Pages: 6
Source title: Managing Worldwide Operations and Communications with Information Technology
Source Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59904-929-8.ch134
ISBN13: 9781599049298
EISBN13: 9781466665378

Abstract

The European Foundation for Quality Management’s Excellence Model is a highly recognized business framework that has been implemented in many European countries to achieve Business Excellence. It is a documented approach to determine the overall Total Quality Management (TQM) practices of an organization by assessing nine different criteria. Conversely, the US National Institute of Standards and Technology (NIST) has outlined a set of security metrics that are categorized into managerial, operational and technical controls that can be used to express the security posture of an organization. In this paper, we propose to integrate these two domains to produce a comprehensive security framework based on underlying TQM practices and principles. Hence, we have created security metrics that are more accurate in reflecting the holistic state of a business and all its important aspects including IT security aspects that were not formally considered before.
