With the security of information becoming an evermore significant concern of many organizations, information security management has become a real concern for many individuals and organizations. Advanced safeguards are required to protect the information assets of not only large but also small and distributed enterprises. Effective approaches to information security management, such as policies and certifications, are now required, and must be supported by a range of technical and human-centric measures.

The Workshop on Information Security Management, organized by IFIP TC-11 Working Group 11.1 (Information Security Management), invites you to contribute by submitting a paper for presentation or proposals for panel discussions and tutorials. Contributions can either be of practical, industry-focused nature or reports on academic activities.

• Topics of interest include, but are not limited to, the following:
• Formulating effective information security policies
• Establishing and maintaining security culture
• Security governance and compliance
• Strategies for managing security in SME environments
• Methodologies and techniques for certification and accreditation
• Standards for information security management
• Managing technology and people
• Organizing and assigning responsibility for security
• Outsourcing information security
• Risk assessment
• Measurement of security
• Requirements for awareness, training and education.
• Evaluation of information security in companies
• Information security surveys and case studies

Submissions types:

• Abstract only submissions:  These submissions will be reviewed only for presentation at the conference. Papers will not be included in the proceedings.
• Completed Papers/Cases: These submissions, if accepted, will be included in a published conference proceedings/book.
• Tutorials:  These submissions will be reviewed only for presentation at the conference. Tutorials will not be included in the proceedings.