Outsource or not?
ǂan ǂAHP based decision model for information security management
Povzetek
Purpose: Outsourcing information security has proven to be an efficient solution for information security management; however, it may not be the most suitable approach for every organization. This research aimed to develop a multi-criteria decision-making model that would enable organizations to determine which approach to information security management (outsourcing or internal management) is more suitable for their needs and capabilities.
Methods: Our study utilized several different research methods. First, the decision criteria were identified by reviewing related work and then selected by information security experts in a focus group. Second, a survey was conducted among information security practitioners to assign the criteria weights. Third, four use cases were conducted with four real-world organizations to assess the usability, ease of use, and usefulness of the developed model.
Results: We developed a ten-criteria model based on the analytic hierarchy process. The survey results promote performance-related criteria as more important than efficiency-focused criteria. Evidence from use cases proves that the decision model is useful and appropriate for various organizations.
Conclusion: To make informed decisions on approaching information security management, organizations must first conduct a thorough analysis of their capabilities and needs and investigate potential external contractors. In such a case, the proposed model can serve as a useful support tool in the decision-making process to obtain clear recommendations tailored to factual circumstances.
Ključne besede
information security;decision model;analytic hierarchy process;AHP;management;outsourcing;
Podatki
| Jezik: | Angleški jezik |
|---|---|
| Leto izida: | 2022 |
| Tipologija: | 1.01 - Izvirni znanstveni članek |
| Organizacija: | UM FVV - Fakulteta za varnostne vede |
| Založnik: | Moderna organizacija |
| UDK: | 004.056:621.39 |
| COBISS: |
109986819
|
| ISSN: | 1318-5454 |
| Št. ogledov: | 34 |
| Št. prenosov: | 0 |
| Ocena: | 0 (0 glasov) |
| Metapodatki: |
|
Ostali podatki
| Sekundarni jezik: | Slovenski jezik |
|---|---|
| Sekundarne ključne besede: | informacijska varnost;odločitveni model;analitični hierarhični proces;AHP;management;zunanje izvajanje; |
| Vrsta dela (COBISS): | Znanstveno delo |
| Strani: | str. 142-159 |
| Letnik: | ǂVol. ǂ55 |
| Zvezek: | ǂno. ǂ2 |
| Čas izdaje: | 2022 |
| DOI: | 10.2478/orga-2022-0010 |
| ID: | 24283238 |
Priporočena dela:
Outsource or not?
2022,
ǂan ǂAHP based decision model for information security management
Uporaba večkriterijskih odločitvenih modelov za ocenjevanje kakovosti ponudbe turističnih kmetij
2016,
ni podatka o podnaslovu
ǂAn ǂapplication of analytic hierarchy process (AHP) and sensitivity analysis for maintenance policy selection
2014,
ni podatka o podnaslovu
Comparison of some aggregation techniques using group analytic hierarchy process
2015,
ni podatka o podnaslovu