five

Evaluation of the national information security policy by analytic hierarchy process

收藏
DataCite Commons2023-01-17 更新2024-08-18 收录
下载链接:
https://scielo.figshare.com/articles/dataset/Evaluation_of_the_national_information_security_policy_by_analytic_hierarchy_process/21907692/1
下载链接
链接失效反馈
官方服务:
资源简介:
ABSTRACT Recent cybersecurity reports show that Brazil is one of the countries with the highest number of cybercrimes, affecting more than 60 million people and causing losses estimated at more than 20 billion dollars. Within the scope of the Public Administration, the National Information Security Policy (PNSI) assigned to the Institutional Security Office of the Presidency (GSI/PR) the task of monitoring and evaluating its execution, stimulating the broad participation of society and agencies and public authorities in the construction of the process, which includes the academic effort. To contribute to this context, this research analyzed different reference models, whose structure best suited the needs of the institutions evaluated and a quantitative method capable of objectively indicating the weight of the various variables in the model. The maturity model chosen was the CSF-NIST and the method selected was the Analytic Hierarchy Process (AHP), for weighting the criteria and sub criteria. A case study illustrates the application of the selected model and method, indicating “how” to implement them, considering the specificities of the evaluated institution.

摘要 近期网络安全报告显示,巴西是全球网络犯罪高发国家之一,受影响民众超6000万,造成的经济损失预估超过200亿美元。在公共行政领域范畴内,《国家信息安全政策》(National Information Security Policy,缩写PNSI)将监测与评估政策执行、推动社会各界、各机构及公共部门广泛参与政策制定流程(含学术研究力量参与)的任务,交由总统府机构安全办公室(Institutional Security Office of the Presidency,缩写GSI/PR)负责。为助力该领域相关工作推进,本研究分析了多种适配受评估机构需求的参考模型,以及可客观量化模型内各变量权重的定量方法。最终选定的成熟度模型为CSF-NIST模型,用于对准则与子准则进行权重赋值的方法为层次分析法(Analytic Hierarchy Process,缩写AHP)。本研究通过一则案例研究演示了所选模型与方法的实际应用,结合受评估机构的具体特性,阐明了其具体实施路径。
提供机构:
SciELO journals
创建时间:
2023-01-17
搜集汇总
数据集介绍
main_image_url
以上内容由遇见数据集搜集并总结生成
二维码
社区交流群
二维码
科研交流群
商业服务