Title: A meta-process for information security risk management

Authors: Katerina Papadaki, Despina Polemi

Addresses: National Technical University of Athens & Bank of Greece, 3, Amerikis St., GR-10522, Athens, Greece; University of Piraeus, 80, Karaoli & Dimitriou St., GR-18534, Piraeus, Greece

Abstract: Information security risk management (ISRM) is a major concern of organisations worldwide. Although the number of existing ISRM methodologies is enormous, in practice several resources are invested by organisations in creating new ISRM methodologies in order to capture more accurately the risks of their complex information systems. This is a crucial knowledge-intensive process for organisations, but in most cases it is addressed in an ad hoc manner. The existence of a systematic approach for the development of new or improved ISRM methodologies would enhance the effectiveness of the process. In this paper, we propose a systematic meta-process for developing new or improved ISRM methods. We also present the specifications for a collaboration and knowledge-sharing platform supporting a virtual intra-organisational cross-disciplinary team, which aims at improving its ISRM methodologies by adopting the proposed meta-process.

Keywords: information security; knowledge management; risk management; collaboration; virtual teams; intra-organisational teams; cross-disciplinary teams; knowledge sharing.

DOI: 10.1504/IJESDF.2008.021451

International Journal of Electronic Security and Digital Forensics, 2008 Vol.1 No.4, pp.336-343

Published online: 27 Nov 2008
