Information security challenges and breaches increasing time by time lead practitioners and experts solving that‟s problems. Compliance with information security standards be highly recommended to ensure all information be safe since securing information system resources is extremely important to ensure that the resources are well protected. Information security is not just a simple matter of h...

Özet. İNNOVA Bilişim Çözümleri A.Ş. bir Türk Telekom Grup şirketi olup; TSE-ISO-EN ISO 9001, ISO/IEC 20000, ISO/IEC 27001 ve TS ISO/IEC 15504 SPICE Seviye 2 uluslararası sertifikasyonlarına sahiptir. Bu model ve standartlara uygun olarak uygulama geliştirme süreçleri yürütülmektedir. Uygulama geliştirme süreçlerinden yazılım güvenilirliği; yazılımın başarısını gösteren en önemli kalite faktörle...

1.1 Case Study overview including organizational diagram.....................................3 1.2 Motivation and justification........................................................................................4 1.3 Why risk assessment is important (impact)....................................................4 2. The scope of Risk assessment in compliance with ISO27001.........................

Security metrics are used to measure the effectiveness of an organisation's Information Security Management System (ISMS) as well as the sub-processes, activities and controls of the ISMS. Guidelines and example metrics have been published, but it is still difficult for an organisation to select metrics that are feasible for their environment, i.e. their ISMS. This paper proposes a self-assessm...

IT operates in dynamic environments with the need always to change and adapt. There is a need to improve performance. Many gaps were found when we conduct the IT audit and we tried to seek to close gaps in capabilities. One way to the close these gaps is the adoption of good practices in wide industry use. There are several sources for good practices including public frameworks and standards su...

Çal??mada, bilgi ça??nda ya?ad???m?z bu dönemde en önemli gereklilik haline gelmi? güvenli?inin sistemleri ile entegre edilmesi üzerine çal???lm??t?r. Süreklili?e ihtiyaç duyulan süreçte maksimum fayda sa?lanacak ?ekilde tasarlanabilmesi için bir yaz?l?m önerilmi?tir. Bu uygulamada ISO 27001 güvenli?i yönetimi sistemi standard?n?n maddelerine cevap verebilecek nitelikte modüler yap? olu?turulmu...

Based on ISO 27001 for Information Security Management Systems, this paper introduces a newly developed security analysis approach, suitable for technical security analyses in general. This approach is used for a security analysis of several components and processes of the Health Care Telematics in Germany. Besides the results of the analysis, basics for further analysis and verification activi...

Assembling an Information Security Management System (ISMS) according to the ISO 27001 standard is difficult, because the standard provides only very sparse support for system development and documentation. Assembling an ISMS consists of several difficult tasks, e.g., asset identification, threat and risk analysis and security reasoning. Moreover, the standard demands consideration of laws and ...