- O-ISM3
-
Articles
- Ten ways ISMS fail
- How can you Measure how Secret a Secret is?
- What is the Maturity of your ISMS?
- Risk, Investment and Maturity
- Compliance vs Continuous Improvement
- A primer in Metrics driven Process Management
- Process Management with Security Metrics
- Measuring Security
- Beyond Authentication, Authorization and Accounting
- Return On Security Investment
- Standards, standards, standards, Are they any good?
-
by Vicente Aceituno Canal
- Slideshare
- Youtube
- Youtube (Spanish)
- Contact
-
Foundations
- Ask Smart Questions to Set Security Service Levels
- Can you pass the O-ISM3 Test?
- The CIA triad is not helping you as much as you think
- Advanced Classification of Information
- Security Foundations Series: Secrecy
- Security Foundations Series: Privacy
- Security Foundations Series: Availability
- Security Foundations Series: Expiration
- Security Foundations Series: Retention
- Security Foundations Series: Quality
- Security Foundations Series: Compliance
- Security Foundations Series: Technical Objectives
- Security Foundations Series: Intellectual Property you Own
- Security Foundations Series: Intellectual Property you Use
- What is an Operational, Positive Definition of Security
- Operational Definitions for Security
- Information Assurance Markup Language
- Security Quarks help communicate with non IT people
- Security Quarks and the Cookie Monster
- Information Security Paradigms
Operational Definitions for Security
In this video we argue about the need for operational definitions in information security. From Wikipedia: "An '''operational definition''' is the application of operationalisation used in defining the terms of a process needed to determine the nature of an item or phenomenon and its properties such as duration, quantity, extension in space, chemical composition, etc. The procedures included in definitions should be repeatable by anyone or at least by peers. An example of operational definition of the term ''weight'' of an object, operationalised to a degree, would be the following: "weight is the numbers that appear when that object is placed on a weighing scale. According to it, the weight can be any of the numbers shown on the scale after, including the very moment the object is put on it. Clearly, the inclusion of the moment when one can start reading the numbers on the scale would make it more fully an operational definition. Nonetheless, it is still in contrast to those purely theoretical definitions.