Show/Hide Menu
Hide/Show Apps
anonymousUser
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Supplementing ISRM models by KRI implementation
Download
index.pdf
Date
2019
Author
Özçakmak, Fuat
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
4
views
3
downloads
Cite This
Cybersecurity efforts should be spent effectively and timely with regard to where and when they are needed because of the resource requirements. In order to secure Information Technology (IT) systems, The Information Systems Risk Management (ISRM) standards like ISO 27000, NIST 800 series and COBIT 5 frameworks are used as best practices. These standards use a diversity of metrics to monitor the Information Security Management System (ISMS). However, large amounts of money, time and human resources are needed to detect, measure and interpret all. Moreover, these standards do not deal with the resources allocated and senior managements’ concern. To avoid these concerns, Key Risk Indicator (KRI) based risk monitoring can help a significant decrease in the required resources and increase the risk monitoring effectiveness. In this study, a new KRI implementation model that can facilitate risk management, figure out costs, benefits and address stakeholders' concerns, for ISRM standards is proposed.
Subject Keywords
Computer networks
,
Computer networks Security measures.
,
Information Security Risk Management
,
Cybersecurity Risk Assessment
,
Key Risk Indicators
,
Cybersecurity Metrics
,
Cost of Cybersecurity.
URI
http://etd.lib.metu.edu.tr/upload/12623326/index.pdf
https://hdl.handle.net/11511/43721
Collections
Graduate School of Social Sciences, Thesis
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
F. Özçakmak, “Supplementing ISRM models by KRI implementation,” Thesis (M.S.) -- Graduate School of Social Sciences. Science and Technology Policy Studies., Middle East Technical University, 2019.
