Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Value creation and return on security investments (ROSI)
KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
2007 (English)In: New Approaches for Security, Privacy and Trust in Complex Environments / [ed] Venter, H; Eloff, M; Labuschagne, L; Eloff, J; VonSolms, R, 2007, Vol. 232, 25-35 p.Conference paper, Published paper (Refereed)
Abstract [en]

This paper investigates if IT security is as a part of value creation. The first part of the commentary focuses on the current theoretical conditions for IT security as a part of value creation. Different Return On Security Investment (ROSI) models are studied to investigate if they can calculate value creation with regard either to efficiency or to effectiveness. The second part of the paper investigates empirical evidence of a ROSI or any indication of a shareholder value perspective on IT security in three large, listed companies from different business segments. What they have in common is their first priority: value creation. The commentary begins by describing the "Productivity Paradox". It is followed by the most well-known ROSI models. Then, it explains the models applicability in value creation. Next, the three companies in the study are investigated. In the following section conclusions are drawn. Finally, the results of the research are discussed.

Place, publisher, year, edition, pages
2007. Vol. 232, 25-35 p.
Series
International Federation For Information Processing, ISSN 1571-5736 ; 232
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kth:diva-40710ISI: 000246676500003Scopus ID: 2-s2.0-36248980334ISBN: 978-0-387-72366-2 (print)OAI: oai:DiVA.org:kth-40710DiVA: diva2:442700
Conference
22nd International Information Security Conference Location: Sandton, South Africa, Date: MAY 14-16, 2007
Available from: 2011-09-22 Created: 2011-09-20 Last updated: 2018-01-12Bibliographically approved

Open Access in DiVA

No full text

Scopus

Search in DiVA

By author/editor
Magnusson, ChristerMolvidsson, JosefZetterqvist, Sven
By organisation
Computer and Systems Sciences, DSV
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 83 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf