A process framework for information security management

نویسندگان

چکیده

Securing sensitive organizational data has become increasingly vital to organizations. An Information Security Management System (ISMS) is a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security. Key elements of the operation ISMS are processes. However, in spite its importance, process framework with description processes their interaction as well other management not available literature. Cost benefit analysis security investments regarding single measures protecting focus current research, mostly focused on economics. This article aims fill this research gap by proposing such main contribution. It based set agreed upon existing standards like ISO 27000 series, COBIT ITIL. Within framework, identified described interfaces specified. helps ISMS, instead focusing controls. By this, finding, systemic character consisting perception relevant roles strengthened.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A process framework for information security management

متن کامل

The Performance Pyramid Framework to Information Systems Security Management Process

The investigation in this paper takes a social and organizational approach to information systems security management and proposes a framework which illustrates three important issues in the process of security management through goal setting, these are: trust, culture, and risk communication. Three case studies show evidence that there is a chain reaction among these issues with a subsequent e...

متن کامل

SIMOnt: A Security Information Management Ontology Framework

In this paper, we have proposed the design of a Security Information Management Ontology (SIMOnto) framework, which utilizes natural language processing and statistical analysis to mine an exhaustive list of concepts and their relationships in an automatic way. Concepts are extracted using TF-IDF and LSA techniques whereas, relations between them are mined using semantic and co-occurrence based...

متن کامل

A Framework for the Management of Information Security

Information security is based on access control models and cryptographic techniques These are well established areas of research in computer security but are not capable of supporting development of comprehensive information security within organizations There is a need to study upper level issues and to provide with organizational mechanisms to identify security enforcement mechanisms and spec...

متن کامل

A Framework for Information Security Risk Management Communication

Organisations have over the last couple of years become more aware of the importance of information security risk management and its corresponding due diligence requirements. A cornucopia of information security risk management approaches exist that can assist organisations in determining and controlling risks. However, with these choices organisations are finding it increasingly difficult to c...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

ژورنال

عنوان ژورنال: International Journal of Information Systems and Project Management

سال: 2022

ISSN: ['2182-7796']

DOI: https://doi.org/10.12821/ijispm040402