ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach

Proceeding: The International Conference on Digital Information Processing, E-Business and Cloud Computing (DIPECC)

Publication Date:

Authors : ; ;

Page : 56-68

Keywords : Cloud Computing; IT Security Risk Management; Incident Escalation; Maturity Models; IT Security Risk Monitoring; IT Security Risk Communication;

Source : Downloadexternal Find it from : Google Scholarexternal

Abstract

We combined ISO 27005 framework for IT Security Risk Management with NIST Multitier framework and we claim that IT Security Risk Management framework exist at each organizational levels. In this paper we concentrate on the monitoring and communication steps of IT Security Risk Management and especially escalation of new IT Security Incidents. We present a first draft to an IT Security Risk Escalation Capability Maturity Model based on ISACA´s Risk IT Framework. Finally we will use our approach in a cloud computing environment as we believe that it is necessary to react fast on incident and therefore a need to have a well-documented and communicated monitoring and escalation processes between different organizational levels

Last modified: 2013-06-20 21:07:38