Welcome to the InfoSci Platform
Reference Hub1
A Mark-Up Language for the Specification of Information Security Governance Requirements

A Mark-Up Language for the Specification of Information Security Governance Requirements

Anirban Sengupta, Chandan Mazumdar
Copyright: © 2011 |Volume: 5 |Issue: 2 |Pages: 21
ISSN: 1930-1650|EISSN: 1930-1669|EISBN13: 9781613507568|DOI: 10.4018/jisp.2011040103
Cite Article Cite Article

MLA

Sengupta, Anirban, and Chandan Mazumdar. "A Mark-Up Language for the Specification of Information Security Governance Requirements." IJISP vol.5, no.2 2011: pp.33-53. http://doi.org/10.4018/jisp.2011040103

APA

Sengupta, A. & Mazumdar, C. (2011). A Mark-Up Language for the Specification of Information Security Governance Requirements. International Journal of Information Security and Privacy (IJISP), 5(2), 33-53. http://doi.org/10.4018/jisp.2011040103

Chicago

Sengupta, Anirban, and Chandan Mazumdar. "A Mark-Up Language for the Specification of Information Security Governance Requirements," International Journal of Information Security and Privacy (IJISP) 5, no.2: 33-53. http://doi.org/10.4018/jisp.2011040103

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

As enterprises become dependent on information systems, the need for effective Information Security Governance (ISG) assumes significance. ISG manages risks relating to the confidentiality, integrity and availability of information, and its supporting processes and systems, in an enterprise. Even a medium-sized enterprise contains a huge collection of information and other assets. Moreover, risks evolve rapidly in today’s connected digital world. Therefore, the proper implementation of ISG requires automation of the various monitoring, analysis, and control processes. This can be best achieved by representing information security requirements of an enterprise in a standard, structured format. This paper presents such a structured format in the form of Enterprise Security Requirement Markup Language (ESRML) Version 2.0. It is an XML-based language that considers the elements of ISO 27002 best practices.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.