Infosecurity Management

Dr D S Kushwaha, Dr A S Vidyarthi

Abstract: Management of Information security is a business issue. The information security status in an organizational need has two levels of measurements. The first level is a high level measurement focusing on business and management processes. The second level is the technical and more detailed measurement of information security controls. Security measures need to be implemented to prevent unwanted security breaches. Determining the level of information security in an organization is easier said than done. Information security levels need to be measured on a technical and in-depth level. There is, however, a need to measure information security on a higher level, namely the management and business process level. The information security culture and the climate in an organization are very important concepts, which could affect the implementation of information security.

Keywords: Infosecurity, stages or levels, security policy, security concepts