Despite the importance of Critical Information Infrastructures (CIIs) and dynamic ICT-based maritime Supply Chains (SCs) for ports operations, state-of-the-art Risk Management (RM) methodologies for maritime environments pay limited attention to cyber-security and do not adequately address security processes for international SCs. Motivated by these limitations, we have developed and will valid...

In 2008 EUROCONTROL published Information and Communications Technology (ICT) Security Guidance to Air Navigation Service Providers (ANSPs), to assist them in complying with regulatory security requirements. This included a visualisation tool which allowed the consistency of control sets to be reviewed and communicated: consistency being the degree to which more sophisticated controls were supp...

The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the “correct” system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved...

It has become a current requirement in every company regarding the implementation of governance ICT field an effort to improve service quality. For this reason, it is necessary implement and at same time carry out ISMS periodic audit process companies using ISO 27001: 2013 standard. Based on research results found Annex 7 lowest level compared other Annexes, because work instruction documentati...

Perencanaan manajemen risiko keamanan informasi bagi suatu perusahaan sangatlah penting untuk mengukur tingkat kesiapan organisasi dalam menghadapi ancaman yang mungkin bisa terjadi. pada Kampus IT Telkom Purwokerto juga sangat penting, karena mengetahui data dan ada di kampus tersebut, baik Dosen, karyawan ataupun mahasiswa. menyusun perencanaan terkait Keamanan Informasi standar digunakan ada...

Purpose After 15 years of research, this paper aims to present a review the academic literature on ISO/IEC 27001, most renowned standard for information security and third widespread ISO certification. Emerging issues are reframed through lenses social systems thinking, deriving theory-based research agenda inspire interdisciplinary studies in field. Design/methodology/approach The study is str...