Obstructions of Turkish Public Organizations Getting ISO/IEC 27001 Certified
Authors
Abstract
In this paper, the Articles of the ISO/IEC 27001 Standard are compared with the Articles of the Civil Servants Law No 657, which should essentially be complied with by the personnel employed in public institutions in Turkey. The Articles that are consistent are emphasized. In addition, the paper mentions the matters that public institutions intending to obtain the ISO/IEC 27001 certificate should pay attention to regarding the Articles of the Civil Servants Law No 657 that are not consistent with the ISO/IEC 27001 certification process. Furthermore, solutions are proposed to make the mentioned Articles consistent with the ISO/IEC 27001 certification process.
Similar resources
Analysis of the User Acceptance for Implementing ISO/IEC 27001:2005 in Turkish Public Organizations
This study aims to develop a model for the user acceptance for implementing the information security standard (i.e. ISO 27001) in Turkish public organizations. The results of the surveys performed in Turkey reveal that the legislation on information security which public organizations have to obey is significantly related to user acceptance during the ISO 27001 implementation process. The fun...
ISO/IEC 27000, 27001 and 27002 for Information Security Management
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of the most important initiatives for IT management. At least since reports about privacy and security breaches, fraudulent accounting practices, and attacks on IT systems appeared in public, organizations have recognize...
Getting the Full Benefits of the ISO 27001 to Develop an ISMS based on Organisations’ InfoSec Culture
The ISO/IEC 27001 is an important and the most leading international information security management standard in the information security (InfoSec) world. The benefits of implementing the ISO 27001 are to provide market assurance and IT governance, based on customer demands and legal requirements. Although the ISO 27001 is a generic standard for all types of organisations and countries, there a...
Towards an Integrated Management System (IMS), harmonizing the ISO/IEC 27001 and ISO/IEC 20000-2 Standards
In recent times, and in order to maintain an integrated, efficient and homogeneous policy, Integrated Management Systems (IMS) have emerged as an opportunity to improve processes related to Information Technology (IT) in organizations in a way that is modular, consistent and orderly. The ISO 27001 and ISO 20000 standards provide good practices for creating and/or strengthening management infras...
Tailoring ISO/IEC 27001 for SMEs: A Guide to Implement an Information Security Management System in Small Settings
While Information Security Management Systems (ISMS) are being adopted by the biggest IT companies, it remains quite difficult for smaller entities to implement and maintain all the requirements of ISO/IEC 27001. In order to increase information security in Luxembourg, the Public Research Centre Henri Tudor has been charged by the Luxembourg Ministry of Economy and Foreign Trade to find solutio...
Journal title:
- CoRR
Volume abs/1407.2027 Issue
Pages -
Publication date 2014