Communications of the Association for Information Systems


The threat of computer crime is increasingly becoming a big concern for organizations. Organizations have to continuously manage their investment in information security technologies in an attempt to minimize the damage caused by information resource breaches. This article proposes an economic model in an attempt to evaluate the trade-offs between security and disaster-recovery technologies. The article intends to provide a directional strategy for managers in terms of increasing budgetary allocations for each of these technologies. The proposed model presents insights for managers.