ISO security standards as leverage on IT Security Management

Details

Serval ID
serval:BIB_D5C31D207126
Type
Inproceedings: an article in a conference proceedings.
Collection
Publications
Institution
Title
ISO security standards as leverage on IT Security Management
Title of the conference
Proceedings of 13th Americas Conference on Information Systems (AMCIS)
Author(s)
Tashi I., Ghernaouti-Hélie S.
Address
Keystone, Colorado, USA
Publication state
Published
Issued date
08/2007
Peer-reviewed
Yes
Language
English
Abstract
Information security is a very important component in the context of an organization’s dependence on ICT. The operational environment in which these technologies operate is very complex. Providing a good level of protection through the information security process requires a well-defined managerial framework.
This paper discusses why a well-defined managerial security framework is needed in the information security area, and which tools can be used to build and implement such a management framework. After a short presentation, two international standards related to Information Security Management, ISO 17799:2005 and ISO 27001, and the implications of conforming to these standards are analysed, and their advantages and limits in a security management framework are pointed out.
Keywords
Information Security Management, Risk Management, Information Security Management effectiveness/efficiency, Information Security Management complexity, Quality Management, Compliance and Conformity, ISO 27001 and ISO 17799 standards impact on IT security management
Create date
05/02/2008 10:30
Last modification date
20/08/2019 15:55