Benchmarking methodology development for establishing information system security policy: A design science approach


Benchmarking methodology can provide organizations with a way of choosing an appropriate ISSP by referring to others in the industry. However, selecting a proper benchmarking target in establishing of information system security policy is a challenge. This paper proposes an artifact to select a target organization by quantitatively measuring the similarity of organizations' systems. Our proposed artifact includes required formulas and an algorithm which compute the similarities. The artifact is based on moment generating function with probabilistic distribution through moment method and generalized method of moment. We expect the artifact may resolve the challenge of selecting a target organization by increasing the accuracy of similarity identification.

Publication Title

Americas Conference on Information Systems 2018: Digital Disruption, AMCIS 2018

This document is currently not available here.