International Journal of Computer Networks & Communications (IJCNC)

AIRCC PUBLISHING CORPORATION

IJNSA 05

AN EXTENDED SECURITY MEASUREMENT
FRAMEWORK FOR OPEN-SOURCE ENTERPRISE
RESOURCE PLANNING SOFTWARE SECURITY

Jane Wanjiru Njuki, Geoffrey Muchiri Muketha and John Gichuki Ndia
School of Computing and Information Technology,
Murang’a University of Technology, Kenya

ABSTRACT
Modern organizations are adopting new ways of measuring their level of security for compliance and justification of security investments. The highly interconnected environment has seen organizations generate lots of personal information and sensitive organizational data. Easiness in automation provided by open-source enterprise resource planning (ERP) software has accelerated its acceptability. The study
aimed at developing a security measurement framework for open-source ERP software. The motivation
was twofold: paradigm shift towards open-source ERP software and the need for justified investment on
information security. Product quality evaluation method based on ISO 25010 framework guided the
selection of attributes and factors. A security measurement framework with security posture at the highest
level, attributes and factors was developed presenting a mechanism for assessing organization’s level of
security. Security posture promotes customers’ confidence and gives management means to leverage
resources for information security investment. The future work includes definition of metrics based on the
framework.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Information

This entry was posted on October 15, 2022 by .
%d bloggers like this: