Security managers often regard human behaviour as a security liability, but they should accommodate it within their organisation’s information security management procedures. To...
Simon Edward Parkin, Aad P. A. van Moorsel, Robert...
Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper de...
The approach to information security governance has predominantly followed a functionalist paradigm with emphasis placed on formalized rule structures and policy frameworks. The a...
With the ongoing trend towards the globalization of software systems and their development, components in these systems might not only work together, but may end up evolving indep...
Legal regulations and industry standards require organizations to measure and maintain a specified IT-security level. Although several IT-security metrics approaches have been de...