The security model to combine the corporate and information security

Abstract

There are two different areas of security that have been called the corporate security and the information security. Both of these areas have been organized in numerous ways. The lack of the common agreement of the security features and components has caused conflicts between security officers and IT people. Without a common structure it is also difficult to inspect and certify security. In this paper some of the existing approaches are presented and compared. This study is in a general level trying to find something one may call structure or organization of the security features. We then present a new model that combines the corporate security and the information security. This model is based on the assets and security measures. The measures are divided into six sections that may be easily organized in a typical corporation. © 2002 Kluwer Academic / Plenum Publishers, New York.