Measuring effectiveness in Information Security Controls

The main purpose of the Information Security Analyst is to control the exposure to information security risks. However, the information security budget is not unlimited and there is increasingly a need to justify the return on investment for the controls implemented in our companies. How can we...
Manuel Humberto Santander Peláez
July 6, 2010

All papers are copyrighted. No re-posting of papers is permitted