\
 

Start Date

16-8-2018 12:00 AM

Description

Benchmarking methodology can provide organizations with a way of choosing an appropriate ISSP by referring to others in the industry. However, selecting a proper benchmarking target in establishing of information system security policy is a challenge. This paper proposes an artifact to select a target organization by quantitatively measuring the similarity of organizations’ systems. Our proposed artifact includes required formulas and an algorithm which compute the similarities. The artifact is based on moment generating function with probabilistic distribution through moment method and generalized method of moment. We expect the artifact may resolve the challenge of selecting a target organization by increasing the accuracy of similarity identification.

Share

COinS
 
Aug 16th, 12:00 AM

Benchmarking Methodology Development for Establishing Information System Security Policy: A Design Science Approach

Benchmarking methodology can provide organizations with a way of choosing an appropriate ISSP by referring to others in the industry. However, selecting a proper benchmarking target in establishing of information system security policy is a challenge. This paper proposes an artifact to select a target organization by quantitatively measuring the similarity of organizations’ systems. Our proposed artifact includes required formulas and an algorithm which compute the similarities. The artifact is based on moment generating function with probabilistic distribution through moment method and generalized method of moment. We expect the artifact may resolve the challenge of selecting a target organization by increasing the accuracy of similarity identification.