Show simple item record

dc.contributor.authorCusack, Ben_NZ
dc.contributor.authorAl-Khazrajy, Men_NZ
dc.date.accessioned2018-10-07T23:31:32Z
dc.date.available2018-10-07T23:31:32Z
dc.date.copyright2015-12-14en_NZ
dc.identifier.citationIn the Proceedings of [the] 13th Australian Information Security Management Conference, held from the 30 November – 2 December, 2015 (pp. 94-100), Edith Cowan University Joondalup Campus, Perth, Western Australia, pp. 94-100.
dc.identifier.urihttp://hdl.handle.net/10292/11861
dc.description.abstractA strategic question for any business is: What value do control frameworks give? The question concerns the costs associated with implementing and maintaining control frameworks compared with the benefits gained. Each control framework contains many controls that may or may not benefit a situation and this research is aimed at testing different selections and combinations of controls to forecast probable impacts on business outcomes. The scope of the research is limited to a representative set of security controls and the lesser question: What are the criteria for selecting the most effective and efficient security control configurations for best business value? We design a decision support tool (DSS), run a pilot study and begin to develop output sets as part of the exploratory research. The conclusion is that in controlled environments the security controls may be optimised to deliver the best business value and that the highest performing sets of controls can be forecasted once the interaction factors are known.
dc.publisherSecurity Research Institute, Edith Cowan University
dc.relation.urihttps://ro.ecu.edu.au/ism/186/
dc.rightsNOTICE: this is the author’s version of a work that was accepted for publication. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in (see Citation). The original publication is available at (see Publisher's Version).
dc.subjectSecurity; Controls; Performance; Business; Objectives
dc.titleEvaluating Policy Layer Security Controls for Value Realisation in Secure Systemsen_NZ
dc.typeConference Contribution
dc.rights.accessrightsOpenAccessen_NZ
dc.identifier.doi10.4225/75/57b69f80d9391
pubs.elements-id194018


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record