Ontology-based information security compliance determination and control selection on the example of ISO 27002
Authors
Abstract
Similar resources
ISO/IEC 27000, 27001 and 27002 for Information Security Management
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of most important initiatives for IT management. At least since reports about privacy and security breaches, fraudulent accounting practices, and attacks on IT systems appeared in public, organizations have recognize...
Security level analysis of academic information systems based on standard ISO 27002: 2003 using SSE-CMM
This research was conducted to find out the level of information security in organization to give recommendations improvements in information security management at the organization. This research uses the ISO 27002 by involving the entire clause that exists in ISO 27002 check-lists. Based on the analysis results, 13 objective controls and 43 security controls were scattered in 3 clauses of ISO...
Information Security Specialist Training on the Basis of ISO/IEC 27002
Information Security (IS) specialists’ training for all sectors of trade, industry and government has never been more important as intellectual property and other sensitive or business-critical information becomes the life-blood of many companies today. Analysis of the experience collected within training of IS specialists at the Moscow Engineering Physics Institute (State University) (the MEPh...
Security of Embedded Systems Using “ISO 27002” Standards
Embedded Systems are electronic products that contain one or more than one microprocessor and software either programmable or fixed in capability, designed to perform some dedicated function within a large entity. Embedded Systems are increasingly employed in critical sectors such as in Life Critical Systems, Financial Infrastructure, Information Systems, Transportation Systems, Consumer Produc...
Toward an Effective Information Security Risk Management of Universities’ Information Systems Using Multi Agent Systems, Itil, Iso 27002,Iso 27005
Universities in the public and private sectors depend on information technology and information systems to successfully carry out their missions and business functions. Information systems are subject to serious threats that can have adverse effects on organizational operations and assets, and individuals by exploiting both known and unknown vulnerabilities to compromise the confidentiality, in...
Journal
Journal title: Information & Computer Security
Year: 2018
ISSN: 2056-4961
DOI: 10.1108/ics-02-2018-0020