| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 4955592 | Computers & Security | 2016 | 22 Pages |
â¢The Reference Model of Information Assurance and Security (RMIAS) is evaluated.â¢A multi-criteria framework, and analytical and empirical methods are used.â¢Twenty-six interviews with experts, three workshops and a case study are conducted.â¢The RMIAS confidently satisfies the majority of the evaluation criteria.
The evaluation of a conceptual model, which is an outcome of a qualitative research, is an arduous task due to the lack of a rigorous basis for evaluation. Overcoming this challenge, the paper at hand presents a detailed example of a multifaceted evaluation of a Reference Model of Information Assurance & Security (RMIAS), which summarises the knowledge acquired by the Information Assurance & Security community to date in one all-encompassing model. A combination of analytical and empirical evaluation methods is exploited to evaluate the RMIAS in a sustained way overcoming the limitations of separate methods. The RMIAS is analytically evaluated regarding the quality criteria of conceptual models and compared with existing models. Twenty-six semi-structured interviews with IAS experts are conducted to test the merit of the RMIAS. Three workshops and a case study are carried out to verify the practical value of the model. The paper discusses the evaluation methodology and evaluation results.
Graphical AbstractDownload full-size image
