IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach
Proceeding: The International Conference on Digital Information Processing, E-Business and Cloud Computing (DIPECC)Publication Date: 2013-10-23
Authors : Gunnar Wahlgren; Stewart Kowalski;
Page : 56-68
Keywords : Cloud Computing; IT Security Risk Management; Incident Escalation; Maturity Models; IT Security Risk Monitoring; IT Security Risk Communication;
Abstract
We combined ISO 27005 framework for IT Security Risk Management with NIST Multitier framework and we claim that IT Security Risk Management framework exist at each organizational levels. In this paper we concentrate on the monitoring and communication steps of IT Security Risk Management and especially escalation of new IT Security Incidents. We present a first draft to an IT Security Risk Escalation Capability Maturity Model based on ISACA´s Risk IT Framework. Finally we will use our approach in a cloud computing environment as we believe that it is necessary to react fast on incident and therefore a need to have a well-documented and communicated monitoring and escalation processes between different organizational levels
Other Latest Articles
- A Review of Smart TV Forensics: Present State & Future Challenges
- Enhancement of eTOM Assurance Domain by Integration with COBIT5 Framework
- Energy Enhancement in Wireless Sensor Networks Based on SVD and DWT Algorithms
- An Algorithm to Detect Square Object in the Image
- A New Conceptual Model for Promoting Municipality's Integrated Database: An Open Window to Public
Last modified: 2013-06-20 21:07:38