Information security management standards: Problems and solutions
نویسندگان
چکیده
منابع مشابه
Information Security Management Standards: Problems and Solutions
This paper critically analyses the foundations of three widely advocated information security management standards (BS7799, GASPP and SSE-CMM). The analysis reveals several fundamental problems related to these standards, casting serious doubts on their validity. The implications for research and practice, in improving information security management standards, are considered.
متن کاملThe Adoption of Information Security Management Standards A Literature Review
This chapter introduces major information security management methods and standards, and particularly ISO/IEC 27001 and 27002 standards. A literature review was conducted in order to understand the reasons for the low level of adoption of information security standards by companies, and to identify the drivers and the success factors in implementation of these standards. Based on the findings o...
متن کاملInformation Security Policy - What do International Information Security Standards say?
One of the most information security controls is the information security policy. This vital direction-giving document is, however, not always easy to develop and the authors thereof battle with questions such as what constitutes a policy. This results in the policy authors turning to existing sources for guidance. One of these sources is the various international information security standards...
متن کاملInformation Systems Security Assurance Management at Municipal Software Solutions, Inc
Effective disaster recovery planning, execution, and testing are essential to manage the risk of business interruption that arises from a myriad of sources such as fire, natural or manmade disasters, sabotage, or technical or human operational failures. The Municipal Software Services, Inc (MSS) case describes a company that was faced with a catastrophic fire. The MSS case provides a realistic ...
متن کاملGrid Security: Problems and Potential Solutions
This paper was provided as technical input to the gap analysis of the UK escience programme, March 2003. The paper outlines generic requirements for security in grid systems and the problems that are often cited with current grid software. It is argued that these issues can be resolved by the federation of both users and resources. This concept of federation extends beyond user identity systems...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Information & Management
سال: 2009
ISSN: 0378-7206
DOI: 10.1016/j.im.2008.12.007