The information security chain in a company

Computers and Security

Volumn 15, Issue 4, 1996, Pages 297-316

  Finne, Thomas ^a  

^a ÅBO AKADEMI UNIVERSITY   (Finland)

Author keywords

Information Security (ISEC); Information Security Chain (ISC); Risks

Indexed keywords

COMPUTER NETWORKS; INFORMATION MANAGEMENT; RISK ASSESSMENT;

INFORMATION SECURITY CHAIN (ISC);

SECURITY OF DATA;

EID: 0030417096     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/0167-4048(96)88941-3     Document Type: Article

References (72)

1. Arbnor, Ingeman & Björn Bjerke. Företagsekonomisk metodlära. Studentlitteratur. Lund, 1977.
2. Audit Commission. Opportunity Makes the Thief. Press on Printers, London, 1994.
3. Borgström, H. Ny Teknik/Data. Virus blir bara värre. Vecka 17, 1996, p 4.
4. Caelli, William., D. Longley & M. Shain. Information Security for Managers, Stockton Press, UK, 1989.
5. Caelli, William & Alan Tickle. Communications Security: In Caelli, W., Longley, D. & M. Shain. Information Security Handbook, Stockton Press, New York, 1991, pp 649-706.
6. Carlsson, Christer. Human Systems Management. New Instruments for Management Research, Volume 10, Number 3, 1991, pp 203-220.
7. Carroll, J.M. Portrait of the Computer Criminal. In Information Security The Next Decade. Ed. J. Eloff & S. von Solms, Proceedings of the IFIP TC11 Eleventh International Conference on Information Security, South Africa 9-12 May 1995, pp 533-545.
8. Carter, Roy. Accountancy. Careless words cost business. March 1989, pp 158-159.
9. Checkland, Peter. Systems Thinking, Systems Practice. John Wiley & Sons, Great Britain, 1981.
10. Clough, Bryan & Paul Mungo. Approaching Zero. London, 1992.
11. Computer Spectrum. Schluss mit Abhören. Nummer 9, 1990.
12. Computer Weekly. 1995: In Computer Fraud & Security Bulletin, Elsevier Advanced Technology, Oxford, August 1995, p 4.
13. Deborah Russell & G.T. Gangemi. 1991. In: Tallberg, Anders. Artikelkompendium. Datasäkerhet och adb-revision, Svenska Handelshögskolan, Helsingfors, 1994.
14. Deloitte Touche Tohmatsu International. Information Protection and Client Server, Republic of South Africa, 1995, p 17.
15. Deloitte Touche Tohmatsu International. Computer Assurance Services, Republic of South Africa, 1995.
16. Dorey, Paul. Security Management and Policy: In Caelli, W. Longley, D., & Shain M. Information Security Handbook, Stockton Press, New York, 1991, pp 27-74.
17. Essinger, James. Fraud Prevention and Computer Security for Financial Institutions-Part 2, Computer Fraud & Security Bulletin, Elsevier Advanced Technology, Oxford, March 1995, pp 16-19.
18. Finne, Thomas. Informationssäkerhet (Information Security). Åbo Akademi University, Finland, 1993.
19. Finne, Thomas. Information Security: Vital for Competitive Advantages. Paper presented at the IFIP WG 11.1 Workshop. South Africa, Cape Town, 8.5.1995.
20. Finne, Thomas. Analysing Information Security: A Knowledge-based DSS Approach. Åbo Akademi University, Institute for Advanced Management Systems Research, Ser, A:456.1996.
21. FISUGbytes. Finnish Sun user group, No.3. 1994.
22. Hannula, Antti & Risto Siilasmaa. Mikrojen tietoturva, Helsinki, Datacasa, 1991.
23. Hancock, William. Network Security, Issues and Problems in Secure Remote Access, June 1994, pp 14-18.
24. Hardjono, Thomas & Jennifer Seberry. Information Security Issues in Mobile Computing: In Information Security The Next Decade. Ed. J. Eloff & S. von Solms. Proceedings of the IFIP TC11 Eleventh International Conference on Information Security, South Africa 9-12 May 1995, pp 125-134.
25. Herdan, Dov. NetSec. Network Security products launched. South Africa, May 1995, p 2.
26. Highland, Harold. Protecting your Microcomputer System. New York, Wiley, 1985.
27. Highland, Harold. Random Bits and Bytes, Computers & Security, Volume 13, Number 6, Elsevier Advanced Technology, Oxford, 1994, pp 458-465.
28. Hoffman, Lance. Encryption Policy for the Global Information Infrastructure: In Information Security The Next Decade. Ed. J. Eloff & S. von Solms. Proceedings of the IFIP TC11 Eleventh International Conference on Information Security, South Africa 9-12 May 1995, pp 50-63.
29. ISO, Information Technology Security Techniques. ISO/IEC JTC 1/SC 27, N 962, 1994.
30. Johnson, Mark. Computer Fraud & Security Bulletin, Elsevier Advanced Technology, Oxford, July 1994, pp 8-12.
31. vinen, Petteriietokonevirukset. WSOY, Porvoo, 1990.
32. Kajava, Jorma & Jussipekka Leiwo. Tietoturvahenkilöstö organisaatiossa. University of Oulu, Department of Information Processing Science, Working paper, Oulu, 1994.
33. Kalakota, Ravi & Andrew Whinston. Frontiers of Electronic Commerce. Addison-Wesley Publishing Company Inc, USA, 1996.
34. Kelly, John M. Kilpailija-analyysistä kilpailuvaltti. Rastorjulkaisut, Helsinki, 1991.
35. Kim, Hyun-Jung. Biometrics, is it a Viable Proposition for Identity Authentication and Access Control? Computers & Security, Volume 14, No. 3, 1995, pp 205-214, Elsevier Advanced Technology, Oxford.
36. Lahtinen, Tapani. PC Tietotekniikan maailma. Mistä PC-mikro koostuu? No.1, 1995, pp 44-46.
37. LAN Vision Oy. Tietoturvauutiset. No. 1, 1995, p 4.
38. Ledell, Göran. Dataolyckor - har det verkligen hänt någon gång? Studentlitteratur, Lund, 1992.
39. Leiwo, Jussipekka & Jorma Kajava. Erään pienen organisaation tietorikosketjun tarkastelua. University of Oulu, Department of Information Processing Science, Working paper, Oulu, 1994.
40. Lindberg, Björn. Persondatorn, nätet och säkerheten, Stockholm, 1990.
41. Longley, Dennis. Access Control: In Caelli, William., Longley, D. & Shain, M. Information Security Handbook, Stockton Press, New York, 1991, pp 455-544.
42. Lujanen, Pentti (ed). Yrityksen Tietoturva. Suomen Atk-Kustannus Oy, Myllykoski, 1991.
43. Maynard, Jeff. Computer Audit Update, Elsevier Advanced Technology, Oxford, December 1994, pp 15-18.
44. Mikrodatorn. Mikrodatorns testredaktion. Säkra data med billig backup. No.1. 1993, pp 41-42, 47.
45. Mulvad, Nils. Illustrerad Vetenskap. Nu angriper datorvirus sin egen medicin, Nr.2/94, pp 46-49.
46. Mustonen, Antero. ATK-tilojen suunnittelu. Rakennuskirja, Helsinki, 1985.
47. Nordgren, Anders. Meddelanden från Åbo Akademi. No. 18. 16.12.1994, pp 6-7.
48. Nordic Council of Ministers. Information Security in Nordic Countries. Method/Questionnaire. Version: 29.3.1993, Copenhagen, 1993.
49. Norfolk, David. PC Plus. Protect and survive. December 1993, pp 300-302.
50. Norton, Peter & Paul Nielsen. Inside the Norton Antivirus. Brady Publishing, USA, 1992.
51. Ongetta, Silvano. Computer Fraud & Security Bulletin, Elsevier Advanced Technology, Oxford, August 1994, pp 13-15.
52. Panko, Raymond. Hitting the Wall: Errors in Developing and Debugging a "Simple" Spreadsheet Model. In Proceedings of the Twenty-Ninth Annual Hawaii International Conference on System Sciences. Ed. Jay F. Nunamaker Jr. & Ralph H. Sprague Jr. 1996, Vol II, pp 356-363.
53. Parker, Donn B. Computer Security Management. Reston Publishing Company Inc, Reston, 1981.
54. Parker, Donn B. The Mother of all Safeguards, Computer Fraud & Security Bulletin, Elsevier Advanced Technology, Oxford, July 1995, pp 10-12.
55. Parker, Donn B. Information Systems Security. Security Accountability in Job Performance, Volume 3, Number 4, Winter 1995, pp 16-20.
56. Pellonpoika, Pertti & Juha-Pekka Posti. MikroPC. Varakopioinnin vaihtoehdot. November 1993, pp 69-76.
57. Pohjola-Yhtiöt. Tietokonekeskukset, Suojeluohje S420, 1994.
58. Pohjola-Yhtiöt. Mikrotietokoneet, Suojeluohje S421, 1994.
59. Preston, Charles. Privacy Forum Digest, March 1995, p 8.
60. Raunio, Helena. Tekniikka & Talous. Vesi turmelee kymmeniä tuhansia asuntoja, 19.11.92, pp 3-5.
61. Saari, Juhani. Tietoturvallisuuden käsikirja, OTAVA, Keuruu, 1988.
62. Seppänen, Janne. Kun verkko kaatuu, kaatuu yrityskin, Tietoviikko, 31.3.1995, p 4.
63. Sherer, Susan A. Software Failure Risk, Measure and Management, Plenum Press, New York, 1992.
64. Smith, Martin. Commonsense Computer Security, your practical guide to information security. McGraw-Hill Book Company, London, 1993.
65. Smith, Martin & John Sherwood. Business Continuity Planning, Computers & Security, Volume 14, Number 1, Elsevier Advanced Technology, Oxford, 1995, pp 14-23.
66. Stoll, Clifford. The Cuckoo's Egg. Tracking a spy through the maze of computer espionage. Doubleday, USA, 1989.
67. Symonds, Ian M. Security in Distributed and Client/Server Systems - a Management View, Computers & Security, Volume 13, No. 6, Elsevier Advanced Technology, UK, 1994, pp 473-480.
68. Uusitupa, Seppo. Tietokone, Tietoturvaa - miksi ja miten, No. 10, Lokakuu, 1989, pp 54-55.
69. Von Solms, Rossouw & L.R. Meyer. Information Security Accreditations - The ISO 9000 Route: In Information Security The Next Decade. Ed. J. Eloff & S. von Solms, Proceedings of the IFIP TC11 Eleventh International Conference on Information Security, South Africa 9-12 May 1995, pp 40-49.
70. William, Perry E. Quality Assurance for Information Systems, methods, tools and techniques, USA, 1991.
71. Wood, Charles C. Information Security Awareness Raising Methods, Computer Fraud & Security Bulletin, Elsevier Advanced Technology, Oxford, June 1995, pp 13-15.
72. Wood, Charles C. Effective Information Security Management. Elsevier Advanced Technology, Oxford, 1991.