It shows the top information security threats, vulnerabilities, and the available ECs of the ISMES which can be used to prevent the listed vulnerabilities.
Table 12 shows the ten information security threats and the available ECs of the ISMES capable of preventing the listed vulnerabilities.
The proposed ISMES provides countermeasures to prevent vulnerabilities in each category as follows.
This highlights the expected effects of the comparison and analysis results of the proposed ISMES with previous ISMSs.
However ISMES uses qualitative and quantitative analysis for pre-evaluate using the target checklist.
Thus the ISMES can inherit documentation approved by an authorized committee so as to improve its documentation efficiency.
Revision of ,, and : In this paper, new revision is as follows: an added and modified checklist(TC and EC), an application of quantitative and qualitative analysis methodology, a separated application of self-evaluation and evaluation committee for information security management evaluation, and an evaluation of ISMES.
The best method of ISMES evaluation is a uniform application throughout the real organization.