• norsk
    • English
  • English 
    • norsk
    • English
  • Login
View Item 
  •   Home
  • Fakultet for informasjonsteknologi og elektroteknikk (IE)
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi
  • View Item
  •   Home
  • Fakultet for informasjonsteknologi og elektroteknikk (IE)
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Incident Reporting Systems

Reed-Mohn, Anders
Master thesis
Thumbnail
View/Open
Reed-Mohn - Incident Reporting Systems1.pdf (563.2Kb)
URI
http://hdl.handle.net/11250/143837
Date
2007
Metadata
Show full item record
Collections
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi [2809]
Abstract
Systematic collection of safety incident / accident data has been common in many industries

for decades. An equivalent effort has not been made in the area of information

security, exclusive perhaps of highly specialized organizations with such needs.

The systematic collection of incident data allows scientific research and investigation

into their causes, ultimately leading organizations to introduce more effective safeguards.

Several authors have suggested that incident reporting systems should be used

to collect information security incident data.

This project explores a System Dynamics model of a general incident reporting system,

previously developed by other researchers, and discusse hpw it can be usefuk in

information security. The model is also compared to how an existing organization collects

incident data, to find out if the assumptions of the model mathces a real world

example, in this case a health care institution.

The purpose of the developed model(s) is to help organizations in developing or

improving incident reporting systems for information security, being an aid in evaluating

their (planned or existing) procedures and tools. Whilst this might have had relevance to

only a limited group of organizations in the past, when fewer worked with information

security, we see today that any organization that works with information systems must

also deal with information security in some degree. An organization does not need to

grow very large before no individual can easily keep oversight of all its workings. Thus a

need for structured management arises, just as much in information security as in other

business processes.

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit
 

 

Browse

ArchiveCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsDocument TypesJournalsThis CollectionBy Issue DateAuthorsTitlesSubjectsDocument TypesJournals

My Account

Login

Statistics

View Usage Statistics

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit