A Method of Assessing Information System Security Controls

Malcolm R. Pattinson (University of South Australia, Australia)
Copyright: © 2004 | Pages: 24
DOI: 10.4018/978-1-59140-286-7.ch011

Abstract

This chapter introduces a method of assessing the state of an organization’s information system security by evaluating the effectiveness of the various IS controls that are in place. It describes how the Goal Attainment Scaling (GAS) methodology (Kiresuk, Smith & Cardillo, 1994) was used within a South Australian Government Agency and summarizes the results of this research. The major purpose of this research was to investigate whether the GAS methodology is a feasible method of assessing the state of security of an organization’s information systems. Additional objectives of this research were to determine the suitability of the GAS methodology as a self-evaluation tool and its usefulness in determining the extent of compliance with a mandated IS security standard.
