Full title: 1996/97 Information security status survey: Consolidated results: Information processing.
Overview: The ISF's 1996/97 Information Security Status Survey was the most searching study ever conducted into the security of information systems in leading enterprises operating around the world. Surveyed organizations had a collective annual turnover of $450 billion. This report focussed on the effectiveness of the security arrangements applied to 217 computer installations.
The survey probed the key features of each installation, the status of controls and the types of incident most likely to compromise information processing. Analysis of responses identified 'benchmark installations' with exceptionally effective security arrangements - effectiveness being demonstrated by substantially lower incident rates. The pattern of controls applied to these installations is highly revealing about how IT risk can be managed down to an acceptable level.
Published by: European Security Forum (ESF)
Date published: August 1997
Status: Available to ISF Members.
Citicus role: A founder of Citicus developed the survey questionnaires for and in conjunction with the ESF management team, analysed responses, verified the integrity of key data and was the principal author of this report. Another founder of Citicus contributed to the data acquisition and analysis.