{"title":"有效的安全风险管理计划的关键成功因素","authors":"Humayun Zafar, J. Clark, Myung S. Ko, Yoris A. Au","doi":"10.4018/ijsssp.315765","DOIUrl":null,"url":null,"abstract":"This paper evaluates the perceived effectiveness of the security risk management (SRM) programs at two Fortune 500 firms using qualitative and quantitative methods. Layers of management and staff from both firms participated in the study. Perceived effectiveness of their SRM programs was based on nine critical success factors (CSFs). Six initial critical success factors (CSFs): executive management support, organizational maturity, open communication, risk management stakeholders, team member empowerment, and holistic view of an organization were extracted from organizational role theory. They were confirmed and synthesized with three additional CSFs (security maintenance, corporate security strategy, and human resource development). A survey based on the CSFs was implemented at the two firms. Although both firms are Fortune 500 technology companies, their perceptions of current perceived SRM effectiveness differ significantly.","PeriodicalId":264067,"journal":{"name":"International Journal of Systems and Software Security and Protection","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Critical Success Factors for an Effective Security Risk Management Program\",\"authors\":\"Humayun Zafar, J. Clark, Myung S. Ko, Yoris A. Au\",\"doi\":\"10.4018/ijsssp.315765\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper evaluates the perceived effectiveness of the security risk management (SRM) programs at two Fortune 500 firms using qualitative and quantitative methods. Layers of management and staff from both firms participated in the study. Perceived effectiveness of their SRM programs was based on nine critical success factors (CSFs). Six initial critical success factors (CSFs): executive management support, organizational maturity, open communication, risk management stakeholders, team member empowerment, and holistic view of an organization were extracted from organizational role theory. They were confirmed and synthesized with three additional CSFs (security maintenance, corporate security strategy, and human resource development). A survey based on the CSFs was implemented at the two firms. Although both firms are Fortune 500 technology companies, their perceptions of current perceived SRM effectiveness differ significantly.\",\"PeriodicalId\":264067,\"journal\":{\"name\":\"International Journal of Systems and Software Security and Protection\",\"volume\":\"30 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Systems and Software Security and Protection\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/ijsssp.315765\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Systems and Software Security and Protection","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijsssp.315765","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Critical Success Factors for an Effective Security Risk Management Program
This paper evaluates the perceived effectiveness of the security risk management (SRM) programs at two Fortune 500 firms using qualitative and quantitative methods. Layers of management and staff from both firms participated in the study. Perceived effectiveness of their SRM programs was based on nine critical success factors (CSFs). Six initial critical success factors (CSFs): executive management support, organizational maturity, open communication, risk management stakeholders, team member empowerment, and holistic view of an organization were extracted from organizational role theory. They were confirmed and synthesized with three additional CSFs (security maintenance, corporate security strategy, and human resource development). A survey based on the CSFs was implemented at the two firms. Although both firms are Fortune 500 technology companies, their perceptions of current perceived SRM effectiveness differ significantly.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
