In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Seventh International Network Conference (INC 2008)
Title: Security Assessment and Planning in Small Organizations
Author(s): Oleksiy Mazhelis, Hannakaisa Isomäki
Keywords: Information security management, small and medium enterprises
Abstract: Information security is one of the major concerns in contemporary organizations, and these organizations devote significant portion of their resources in order to identify and mitigate their security risks. A number of formal methods can be used to support the process of security risk assessment and planning; however, these methods are usually aimed at large or medium organizations. Meanwhile, the resources available in smaller organizations may appear insufficient for applying a full-scale assessment and planning method, and, therefore, these methods should be tailored first to the constraints present in an organization. This paper introduces a derivative of a well-known security assessment and planning method adjusted to the needs of small organizations, and reports on the use of this method in a small organization.
Download count: 1778
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.