A Method of Assessing Information System Security Controls

A Method of Assessing Information System Security Controls

Malcolm R. Pattinson (University of South Australia, Australia)
DOI: 10.4018/978-1-59904-937-3.ch138
OnDemand PDF Download:
$37.50

Abstract

This chapter introduces a method of assessing the state of an organization’s information system security by evaluating the effectiveness of the various IS controls that are in place. It describes how the Goal Attainment Scaling (GAS) methodology (Kiresuk, Smith & Cardillo, 1994) was used within a South Australian Government Agency and summarises the results of this research. The major purpose of this research was to investigate whether the GAS methodology is a feasible method of assessing the state of security of an organization’s information systems. Additional objectives of this research were to determine the suitability of the GAS methodology as a self-evaluation tool and its usefulness in determining the extent of compliance with a mandated IS security standard.

Complete Chapter List

Search this Book:
Reset