Welcome to the InfoSci Platform
CITS: The Cost of IT Security Framework

CITS: The Cost of IT Security Framework

Marco Spruit, Wouter de Bruijn
Copyright: © 2012 |Volume: 6 |Issue: 4 |Pages: 23
ISSN: 1930-1650|EISSN: 1930-1669|EISBN13: 9781466612686|DOI: 10.4018/jisp.2012100105
Cite Article Cite Article

MLA

Spruit, Marco, and Wouter de Bruijn. "CITS: The Cost of IT Security Framework." IJISP vol.6, no.4 2012: pp.94-116. http://doi.org/10.4018/jisp.2012100105

APA

Spruit, M. & de Bruijn, W. (2012). CITS: The Cost of IT Security Framework. International Journal of Information Security and Privacy (IJISP), 6(4), 94-116. http://doi.org/10.4018/jisp.2012100105

Chicago

Spruit, Marco, and Wouter de Bruijn. "CITS: The Cost of IT Security Framework," International Journal of Information Security and Privacy (IJISP) 6, no.4: 94-116. http://doi.org/10.4018/jisp.2012100105

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Organizations know that investing in security measures is an important requirement for doing business. But how much should they invest and how should those investments be directed? Many organizations have turned to a risk management approach to identify the largest threats and the control measures that could help mitigate those threats. This research presents the Cost of IT Security (CITS) Framework to support analysis of the costs and benefits of those control measures. This analysis can be performed by using either quantification methods or by using a qualitative approach. Based on a study of five distinct security areas–Identity Management, Network Access Control, Intrusion Detection Systems, Business Continuity Management and Data Loss Prevention–nine cost factors are identified for IT security, and for only five of those nine a quantitative approach is feasible for the cost factor. This study finds that even though quantification methods are useful, organizations that wish to use those should do this together with more qualitative approaches in the decision-making process for security measures.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.