ISO 27001 Information Security Management System Software Design
Authors
Abstract
This study addresses the integration of security, which has become the most important requirement in the information age we live in, with systems. A software application is proposed so that it can be designed to provide maximum benefit in a process that requires continuity. In this application, a modular structure capable of responding to the clauses of the ISO 27001 security management system standard was created, and a user-friendly application was developed. The asset management, risk, supplier, inventory, maintenance, corrective and improvement actions, incident, training and reminder modules within the application aim to move all main processes to an electronic environment during the management setup phase. Thanks to the developed application, processes carried out on paper or in another medium will be tracked through the work performed and become observable at any time, and the organization will be able to reach the result concerning its own status from a single interface. In addition, with the developed interfaces, carrying out the expected work with a minimum level of effort and suffering a low level of harm from human error
Similar resources
ISO/IEC 27000, 27001 and 27002 for Information Security Management
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of the most important initiatives for IT management. At least since reports about privacy and security breaches, fraudulent accounting practices, and attacks on IT systems appeared in public, organizations have recognize...
ISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System
Established standards on security and risk management provide guidelines and advice to organizations and other stakeholders on how to fulfill their security needs. However, realizing and ensuring compliance with such standards may be challenging. This is partly because the descriptions are very generic and have to be refined and interpreted by security experts, and partly because they lack tech...
Standardization of Information Security Management System: ISO/IEC 27001: 2005, ITIL®, CoBIT®
Information is currently the most important asset of modern companies. Its security is therefore very important and becomes the top priority of each company. Unfortunately, there is no simple recipe providing 100 % security of information. A company must apply the best security procedures with the aim to achieve an appropriate level of its information security. This paper presents and compares ...
Governing Information Security in Conjunction with COBIT and ISO 27001
In this paper, after giving a brief definition of Information Security Management Systems (ISMS), ISO 27001, IT governance and COBIT, pros and cons of implementing only COBIT, implementing only IS
ISO/IEC 27001 Information Systems Security Management Standard: Exploring the Reasons for Low Adoption
In this paper we attempt to find the reasons for low adoption of the international standard ISO/IEC 2700 on information security management. We benchmark ISO/IEC 27001 against the two other widely applied management system standards – ISO 9001 for quality management and ISO 14001 for environmental management. We show that besides low adoption rates, ISO/IEC 27001 standard has received significan...
Journal
Journal title: INTERNATIONAL JOURNAL OF INFORMATICS TECHNOLOGIES
Year: 2021
ISSN: ['1307-9697', '2147-0715']
DOI: https://doi.org/10.17671/gazibtd.767198