Embedded Workshop
Information Security Management (ISM)
Tuesday 24 August 2004

10h30 - 12h
Corporate ISM

Corporate Information Security Education: Is Outcomes Based Education the Solution?- Joahn Van Niekerk and Rossouw Von Solms (Port Elizabeth Technikon, South Africa)

Towards Corporate Information Security Obedience- Kerry-Lynn Thomson and Rossouw von Solms (Port Elizabeth Technikon, South Africa)

13h30 - 15h
ISM - Risk Analysis Methods and Frameworks

CIIP-RAM - A Security Risk Analysis Methodology for Critical Information Infrastructure Protection- Tyrone Busutiil and Matthew Warren (Deakin U., Australia)

A Framework for role-based monitoring of Insider Misuse- Aung Htike Phyo, Steven M. Furnell, and Francisco Portilla (U. Plymouth, UK)

15h30 - 17h30
Session 3: ISM & Technology

Update/Patch Management Systems: a protocol taxonomy with security implications- Andrew Colarik, Clark Thomborson, and Lech Janczewski (U. Auckland, New Zealand)

Investigating a smart Technology- Kevin O'Sullivan, Karen Neville, Ciara Heavin (U. College Cork, Ireland)

Discussion on what are the future issues of Information Security.
Panel: to-be-announced