Conference Proceedings

Security modelling for organisations

A Anderson, D Longley, LF Kwok

Proceedings of the ACM Conference on Computer and Communications Security | Published : 1994


Information security officers of large organisations have the responsibility, inter alia, to advise senior management on the current level of organisational risk and to overview the operation of effective security systems within the organisation. Current developments in risk analysis methodologies and system security certification, e.g. ITSEC, can provide security officers with information on the current level of organisational risk and the effectiveness of security systems. However these activities are commonly undertaken as large one-off projects. Hence they do not provide the methodologies or tools that allow security officers to respond to the often ad hoc demands made upon them. This pa..

View full abstract

Citation metrics