The balanced scorecard: a foundation for the strategic management of information systems
Decision Support Systems
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Communications of the ACM - E-services: a cornucopia of digital offerings ushers in the next Net-based evolution
Journal of Computer Security - IFIP 2000
How much is enough: a risk management approach to computer security
How much is enough: a risk management approach to computer security
Why the Future Belongs to the Quants
IEEE Security and Privacy
Computer security strength and risk: a quantitative approach
Computer security strength and risk: a quantitative approach
Evaluating information security investments using the analytic hierarchy process
Communications of the ACM - Medical image modeling
Timing the Application of Security Patches for Optimal Uptime
LISA '02 Proceedings of the 16th USENIX conference on System administration
The Value of Intrusion Detection Systems in Information Technology Security Architecture
Information Systems Research
Budgeting process for information security expenditures
Communications of the ACM - Personal information management
The Sarbanes-Oxley Act and the changing role of the CIO and IT function
International Journal of Business Information Systems
Communicating the value of uncertain information technology investments using an options approach
International Journal of Business Information Systems
An investigation of information availability and sharability for organisational performance measures
International Journal of Business Information Systems
The productivity of large business information system development
International Journal of Business Information Systems
International Journal of Business Information Systems
International Journal of Business Information Systems
Knowledge management within information security: the case of Barings Bank
International Journal of Business Information Systems
SP 800-55 Rev. 1. Performance Measurement Guide for Information Security
SP 800-55 Rev. 1. Performance Measurement Guide for Information Security
A study on usage of IT and its implications on e-procurement in Indian organisations
International Journal of Business Information Systems
Investing in IT Security: How to Determine the Maximum Threshold
International Journal of Information Security and Privacy
An effective and secure web banking system: development and evaluation
International Journal of Business Information Systems
International Journal of Business Information Systems
Hi-index | 0.00 |
Justifying security investments has been challenging for managers and executives alike for several well-published reasons. With the growing importance of security measures, companies are increasing the share of security investments in their overall Information Technology (IT) budgets. This paper presents a practical application of the Balanced Scorecard method in evaluating the investment decisions made on the acquisition of security technologies by an organisation. The research shows that this methodology can be used effectively in comparative analysis situations where two or more investments are being considered using a set of best choices per organisational goal. The proposed methodology incorporates the percentages of financial, customer, business and growth goals defined in a set of metrics and places a weighted value on those percentages to achieve an overall percentage of met goals. The research is carried out in a US-based large public university's IT division.