Control and security of computer information systems
Control and security of computer information systems
A microeconomic approach to the measurement of information technology value
Journal of Management Information Systems
A comparative framework for risk analysis methods
Computers and Security
Technology investment and business performance
Communications of the ACM
Information systems effectiveness: the construct space and patterns of application
Information and Management
Developing a model of the global and strategic impact of information technology
Information and Management
Risk Management for Security Professionals
Risk Management for Security Professionals
Business Process Engineering
Protecting Information in the Electronic WorkPlace: A Guide for Managers
Protecting Information in the Electronic WorkPlace: A Guide for Managers
Effective Measurement and Management of It Costs and Benefits: Key Issues
Effective Measurement and Management of It Costs and Benefits: Key Issues
The CISSP Prep Guide: Mastering the Ten Domains of Computer Security
The CISSP Prep Guide: Mastering the Ten Domains of Computer Security
CISSP Certification All-in-One Exam Guide
CISSP Certification All-in-One Exam Guide
Analyzing cost-effectiveness of organizations: the impact of information technology spending
Journal of Management Information Systems - Special section: Strategic and competitive information systems
Measuring the organizational impact of information technology investment: an exploratory study
Journal of Management Information Systems - Special section: Realizing value from information technology investment
Firms' information security investment decisions: Stock market evidence of investors' behavior
Decision Support Systems
Hi-index | 0.00 |
We live in an unsafe world in which we encounter threats against our safety and security every day. This is especially true in the information processing environment. Managements are engaging and facing difficult problems to manage information security issues. One of the most brain-teasing management issues is “How they could make a decision on security-related investment to maximize the economic balance?” To solve this problem the ROI of security investments must be measured and managed. This paper provides the integrated methodology which consists of a process model and analysis criteria of cost factors and benefit factors to support an economic justification of security investments. Also, a case study is provided to show practicality of this methodology.