Security modelling for organisations

Full text: PDF (1.07 MB)

Source: Conference on Computer and Communications Security archive
Proceedings of the 2nd ACM Conference on Computer and Communications Security
Fairfax, Virginia, United States
Pages: 241 - 250
Year of Publication: 1994
ISBN: 0-89791-732-4
Authors
Alison Anderson, Information Security Research Centre, Queensland University of Technology, GPO Box 2434 Brisbane Australia
Dennis Longley, Information Security Research Centre, Queensland University of Technology, GPO Box 2434 Brisbane Australia
Lam For Kwok, Department of Computer Science, City Polytechnic Hong Kong, 83 Tat Chee Avenue, Kowloon Hong Kong
Bibliometrics
Downloads (6 Weeks): 6, Downloads (12 Months): 93, Citation Count: 1
ABSTRACT

Information security officers of large organisations have the responsibility, inter alia, to advise senior management on the current level of organisational risk and to oversee the operation of effective security systems within the organisation. Current developments in risk analysis methodologies and system security certification, e.g. ITSEC, can provide security officers with information on the current level of organisational risk and the effectiveness of security systems. However, these activities are commonly undertaken as large one-off projects. Hence they do not provide the methodologies or tools that allow security officers to respond to the often ad hoc demands made upon them.

This paper deals with the development of a security model for use by information security officers, either as a method of monitoring the implementation of internal security policy, or as a preparatory step before seeking certification. The model comprises three main groups of security information: information system environment, information systems and information system assets. The model serves to indicate the current state of security in the organisation. A threat to the system environment can be traced through to its potential organisational impact, taking into account the current defences in the information processing systems.

The two major areas of research in the project lie in the estimation of security effectiveness from threat countermeasure diagrams, and the means of inferring business impacts from the interrelationships amongst information processing assets. Current work is directed to the implementation of the model in a hypertext and an object oriented paradigm.