Swanson, 2001 - Google Patents
Security self-assessment guide for information technology systemsSwanson, 2001
View DOC- Document ID
- 14547711613497577329
- Author
- Swanson M
- Publication year
- Publication venue
- NIST special publication
External Links
Snippet
Adequate security of information and the systems that process it is a fundamental management responsibility. Agency officials must understand the current status of their information security program and controls in order to make informed judgments and …
- 238000005516 engineering process 0 title description 33
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models
- G06Q10/063—Operations research or analysis
- G06Q10/0639—Performance analysis
- G06Q10/06393—Score-carding, benchmarking or key performance indicator [KPI] analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models
- G06Q10/063—Operations research or analysis
- G06Q10/0635—Risk analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models
- G06Q10/063—Operations research or analysis
- G06Q10/0639—Performance analysis
- G06Q10/06398—Performance of employee with respect to a job function
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/06—Investment, e.g. financial instruments, portfolio management or fund management
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Swanson | Security self-assessment guide for information technology systems | |
| Ross et al. | Protecting controlled unclassified information in nonfederal systems and organizations | |
| DOCUMENTATION et al. | Information technology–Security techniques–Information security management systems–Requirements | |
| Stoneburner et al. | Risk management guide for information technology systems | |
| Swanson et al. | Generally accepted principles and practices for securing information technology systems | |
| US20050132225A1 (en) | Method and system for cyber-security vulnerability detection and compliance measurement (CDCM) | |
| Guttman | An introduction to computer security: the NIST handbook | |
| Peltier | Risk analysis and risk management | |
| Albert et al. | OCTAVE catalog of practices, version 2.0 | |
| Kahraman | Evaluating IT security performance with quantifiable metrics | |
| Swanson | Security self-assessment guide for information technology system | |
| Swanson | Nisr | |
| Mödinger | Metrics and key performance indicators for information security reports of universities | |
| Morello | Towards standardization of audit procedures for the new version of ISO/IEC 27002 | |
| Dacey | Federal Information System Controls Audit Manual (FISCAM) | |
| Guttman et al. | An introduction to computer security | |
| KORIR | A MODEL FOR DETERMINING INFORMATION SECURITY PREPAREDNESS LEVEL IN E-GOVERNANCE IN KENYA’S COUNTY GOVERNMENTS: CASE OF UASIN GISHU COUNTY GOVERNMENT | |
| Falk | on Data Security and Privacy Liability (WG11) | |
| Kane et al. | Information protection playbook | |
| Ndichu et al. | Web Based Integrated Evaluation Framework for Information Security Preparedness in Law Enforcement Agencies | |
| KIPROTICH | A WEB-BASED MODEL TO DETERMINE SECURITY RISK EXPOSURE INDEX AMONG SAVINGS AND CREDIT COOPERATIVE SOCIETIES | |
| Ismail Mukasa | Assessment of Internet Agent Security on Data Networks | |
| AZUBIKE | COMPUTER INFORMATION SECURITY AUDIT: PROCEDURES FOR POLICY DESIGN AND IMPLEMENTATION. | |
| Swanson | NIST Special Publication 800-18 | |
| Wedelu | Information and Cyber Security Risk Assessment Framework for the Banking Sector in Ethiopia |