Return on Security Investments – Design Principles of Measurement Systems Based on Capital Budgeting

IT-security has become a vital factor in electronic commerce nowadays. Thus, investments have to be made in order to safeguard security. However, the benefits of these investments are often hardly visible. In most cases, such investments are made only retroactively, after incidents occur. It is necessary to measure the value before preventing incidents. For this purpose ROSI (Return on Security Investments) has gained enormous attention in research and practice. In this paper, we discuss this measure from a methodological perspective. We argue that existing approaches for calculating ROSI lack a sound methodological basis and that these approaches can be misleading for decision support. In contrast to these approaches, we suggest a new approach for the calculation of ROSI on a capital budgeting basis.

Brocke, Jan vom; Strauch, Gereon; Buddendick, Christian (2007): Return on Security Investments – Design Principles of Measurement Systems Based on Capital Budgeting. Information systems technology and its applications – 6th international conference – ISTA 2007. Bonn: Gesellschaft für Informatik e. V.. PISSN: 1617-5468. ISBN: 978-3-88579-2017. pp. 21-32. Regular Research Papers. Kharkiv, Ukraine. May 23-25, 2007

Sammlungen

P107 - ISTA 2007 - Information Systems Technology and its Applications

Komplettanzeige

Return on Security Investments – Design Principles of Measurement Systems Based on Capital Budgeting

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen