Information technology has had a significant impact on business operations and allowed the emergence of new business models. These IT-enabled processes and businesses however depend on secure information systems which need to be managed. The management of information systems security (ISS) is a highly dynamic and complex task due to constant change in the information technology domain. In this ...

Despite the importance of Critical Information Infrastructures (CIIs) and dynamic ICT-based maritime Supply Chains (SCs) for ports operations, state-of-the-art Risk Management (RM) methodologies for maritime environments pay limited attention to cyber-security and do not adequately address security processes for international SCs. Motivated by these limitations, we have developed and will valid...

In 2008 EUROCONTROL published Information and Communications Technology (ICT) Security Guidance to Air Navigation Service Providers (ANSPs), to assist them in complying with regulatory security requirements. This included a visualisation tool which allowed the consistency of control sets to be reviewed and communicated: consistency being the degree to which more sophisticated controls were supp...

The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the “correct” system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved...

Purpose After 15 years of research, this paper aims to present a review the academic literature on ISO/IEC 27001, most renowned standard for information security and third widespread ISO certification. Emerging issues are reframed through lenses social systems thinking, deriving theory-based research agenda inspire interdisciplinary studies in field. Design/methodology/approach The study is str...

Dalam proses pelaksanaan tata kelola teknologi informasi di suatu instansi, keamanan merupakan aspek yang sangat penting untuk melindungi aset dari segala bentuk ancaman. Evaluasi juga dilakukan oleh instansi mengetahui sejauh mana tingkat pengamanan sudah diterapkan. Diskominfo Provinsi XYZ pemerintahan memanfaatkan dalam melaksanakan bisnisnya. Proses bisnis tersebut utama bagi harus dilindun...

Perencanaan manajemen risiko keamanan informasi bagi suatu perusahaan sangatlah penting untuk mengukur tingkat kesiapan organisasi dalam menghadapi ancaman yang mungkin bisa terjadi. pada Kampus IT Telkom Purwokerto juga sangat penting, karena mengetahui data dan ada di kampus tersebut, baik Dosen, karyawan ataupun mahasiswa. menyusun perencanaan terkait Keamanan Informasi standar digunakan ada...

The United States (US) healthcare organizations are continuously struggling to cope-up with evolving regulatory requirements e.g. Health Information Technology for Economic and Clinical Health Act (HITECH) and International Organization for Standardization (ISO) 9001: 2015. These requirements are not only affecting the US healthcare industry but also other industries as well e.g. software indus...