Information Security Management Standards: Problems and Solutions
نویسنده
چکیده
This paper critically analyses the foundations of three widely advocated information security management standards (BS7799, GASPP and SSE-CMM). The analysis reveals several fundamental problems related to these standards, casting serious doubts on their validity. The implications for research and practice, in improving information security management standards, are considered.
منابع مشابه
The effect of developing the dynamics of library software system on information security management (Case study: Libraries of Islamic Azad universities of the country)
Background and Objective: Information security is of vital importance in most organizations. This is especially central in academic libraries due to the specific type of visitors, exchange and transfer of information to the users. Thus, the purpose is to investigate the relationship of the development of library software and information security management in the libraries of Islamic Azad Uni...
متن کاملامنیت اطلاعات سامانه های تحت وب نهاد کتابخانه های عمومی کشور
Purpose: This paper aims to evaluate the security of web-based information systems of Iran Public Libraries Foundation (IPLF). Methodology: Survey method was used as a method for implementation. The tool for data collection was a questionnaire, based on the standard ISO/IEC 27002, that has the eleven indicators and 79 sub-criteria, which examines security of web-based information systems of IP...
متن کاملInformation Security Requirements for Implementing Electronic Health Records in Iran
Background and Goal: ICT development in recent years has created excellent developments in human social and economic life. One of the most important opportunities to use information technology is in the medical field, that the result would be electronic health record (EHR).The purpose of this research is to investigate the effects information securi...
متن کاملThe impact of Cloud Computing in the banking industry resources
Today, one of the biggest problems that gripped the banking sphere, the high cost of implementing advanced technologies and the efficient use of the hardware. Cloud computing is the use of shared services on the Internet provides a large role in developing the banking system, without the need for operating expenses including staffing, equipment, hardware and software Reducing the cost of implem...
متن کاملInformation Security Requirements for Implementing Electronic Health Records in Iran
Background and Goal: ICT development in recent years has created excellent developments in human social and economic life. One of the most important opportunities to use information technology is in the medical field, that the result would be electronic health record (EHR).The purpose of this research is to investigate the effects information securi...
متن کامل