University of Twente Student Theses

OSSUM : a framework for determining the quality of Information Security Assessment Methodologies

Bakker, Alexander (2018) OSSUM : a framework for determining the quality of Information Security Assessment Methodologies.

Abstract: This thesis follows a literature study that was aimed at uncovering methods of measuring the level of Information Security within organizations, described in this thesis as Information Security Assessment Methodologies, or ISAMs for short. One of the main conclusions of the literature study was that only two of the 10 ISAMs identified were validated in practice. The literature study concluded that there was to date no framework for validating ISAMs. This thesis aims to fill that gap. In this thesis, a framework is presented that can be used to measure the degree to which an ISAM adheres to current standards. The framework generates a statistical overview of the ISAM, and can serve as a basis for improving the quality of ISAMs. The use of the framework is demonstrated by analyzing an ISAM called the State of Security assessment. The framework developed in this thesis is called OSSUM, the Overarching Security Standard Unification Methodology.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science, 85 business administration, organizational science
Programme: Business Information Technology MSc (60025)
Link to this item: https://purl.utwente.nl/essays/75811