ISO/IEC 27000, 27001 and 27002 for Information Security Management
نویسندگان
چکیده
منابع مشابه
ISO/IEC 27000, 27001 and 27002 for Information Security Management
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of most important initiatives for IT management. At least since reports about privacy and security breaches, fraudulent accounting practices, and attacks on IT systems appeared in public, organizations have recognize...
متن کاملISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System
Established standards on security and risk management provide guidelines and advice to organizations and other stakeholders on how to fulfill their security needs. However, realizing and ensuring compliance with such standards may be challenging. This is partly because the descriptions are very generic and have to be refined and interpreted by security experts, and partly because they lack tech...
متن کاملIso/iec 27001 Information Systems Security Management Standard : Exploring the Reasons for Low Adoption
In this paper we attempt to find the reasons for low adoption of the international standard ISO/IEC 2700 on information security management. We benchmark ISO/IEC 27001 against the two other widely applied management system standards – ISO 9001 for quality management and ISO 14001 for environmental management We show that besides low adoption rates, ISO/IEC 27001 standard has received significan...
متن کاملGoverning Information Security in Conjunction with COBIT and ISO 27001
In this paper, after giving a brief definition of Information Security Management Systems (ISMS), ISO 27001, IT governance and COBIT, pros and cons of implementing only COBIT, implementing only IS
متن کاملModel Driven Information Security Management - Evaluating and Applying the Meta Model of ISO 27001
Information technology has had a significant impact on business operations and allowed the emergence of new business models. These IT-enabled processes and businesses however depend on secure information systems which need to be managed. The management of information systems security (ISS) is a highly dynamic and complex task due to constant change in the information technology domain. In this ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Information Security
سال: 2013
ISSN: 2153-1234,2153-1242
DOI: 10.4236/jis.2013.42011