Information security management needs more holistic approach: A literature review

2016 ◽  
Vol 36 (2) ◽  
pp. 215-225 ◽  
Author(s):  
Zahoor Ahmed Soomro ◽  
Mahmood Hussain Shah ◽  
Javed Ahmed
Keyword(s):  
Information Security ◽  
Literature Review ◽  
Security Management ◽  
Holistic Approach ◽  
Information Security Management

A Rigorous Approach to the Definition of an International Vocational Master’s Degree in Information Security Management

2010 ◽  
Vol 1 (4) ◽  
pp. 1-17 ◽  
Author(s):  
Frédéric Girard ◽  
Bertrand Meunier ◽  
Duan Hua ◽  
Eric Dubois
Keyword(s):  
Information Security ◽  
Security Management ◽  
Holistic Approach ◽  
Learning Trajectory ◽  
Learning Program ◽  
Information Security Management ◽  
Security Officer ◽  
Rigorous Approach ◽  
Definition Of ◽  
New Education

In Luxembourg, like in many other countries, information security has become a central issue for private companies and public organizations. Today, information is the main asset of a company for its business and, at the same time, regulations are imposing more and more rules regarding its management. As a consequence, in Luxembourg, a clear need has emerged regarding the development of new learning trajectory fulfilling the requirements of the new job profile associated with a Chief Security Officer. This need was relayed by the national professional security association which asked for the development of a new education program targeting professional people engaged in a lifelong learning trajectory. The paper reports on the rigorous and scientific participatory approach for producing the adequate learning program meeting requirements elicited from the professional association members. The authors present the skills card that has been elaborated for capturing these requirements and the program, which has been built together with the University of Luxembourg for matching these requirements. This program proposes a holistic approach to information security management by including organization, human and technical security risks within the context of regulations and norms.

The Adoption of Information Security Management Standards

2009 ◽  
pp. 119-140 ◽  
Author(s):  
Yves Barlette ◽  
Vladislav V. Fomin
Keyword(s):  
Information Security ◽  
Literature Review ◽  
Success Factors ◽  
Security Management ◽  
Information Security Management ◽  
Diffusion Of Information ◽  
Management Standards ◽  
Business Market ◽  
Security Standards ◽  
Iec 27001

This chapter introduces major information security management methods and standards, and particularly ISO/IEC 27001 and 27002 standards. A literature review was conducted in order to understand the reasons for the low level of adoption of information security standards by companies, and to identify the drivers and the success factors in implementation of these standards. Based on the findings of the literature review, we provide recommendations on how to successfully implement and stimulate diffusion of information security standards in the dynamic business market environment, where companies vary in their size and organizational culture. The chapter concludes with an identification of future trends and areas for further research.

The Adoption of Information Security Management Standards

2010 ◽  
pp. 69-90 ◽  
Author(s):  
Yves Barlette ◽  
Vladislav V. Fomin
Keyword(s):  
Information Security ◽  
Literature Review ◽  
Success Factors ◽  
Security Management ◽  
Information Security Management ◽  
Diffusion Of Information ◽  
Management Standards ◽  
Business Market ◽  
Security Standards ◽  
Iec 27001

This chapter introduces major information security management methods and standards, and particularly ISO/IEC 27001 and 27002 standards. A literature review was conducted in order to understand the reasons for the low level of adoption of information security standards by companies, and to identify the drivers and the success factors in implementation of these standards. Based on the findings of the literature review, we provide recommendations on how to successfully implement and stimulate diffusion of information security standards in the dynamic business market environment, where companies vary in their size and organizational culture. The chapter concludes with an identification of future trends and areas for further research.

A Rigorous Approach to the Definition of an International Vocational Master’s Degree in Information Security Management

2012 ◽  
pp. 328-343
Author(s):  
Frédéric Girard ◽  
Bertrand Meunier ◽  
Duan Hua ◽  
Eric Dubois
Keyword(s):  
Information Security ◽  
Security Management ◽  
Holistic Approach ◽  
Learning Trajectory ◽  
Learning Program ◽  
Information Security Management ◽  
Security Officer ◽  
Rigorous Approach ◽  
Definition Of ◽  
The University

In Luxembourg, like in many other countries, information security has become a central issue for private companies and public organizations. Today, information is the main asset of a company for its business and, at the same time, regulations are imposing more and more rules regarding its management. As a consequence, in Luxembourg, a clear need has emerged regarding the development of new learning trajectory fulfilling the requirements of the new job profile associated with a Chief Security Officer. This need was relayed by the national professional security association which asked for the development of a new education program targeting professional people engaged in a lifelong learning trajectory. The paper reports on the rigorous and scientific participatory approach for producing the adequate learning program meeting requirements elicited from the professional association members. The authors present the skills card that has been elaborated for capturing these requirements and the program, which has been built together with the University of Luxembourg for matching these requirements. This program proposes a holistic approach to information security management by including organization, human and technical security risks within the context of regulations and norms.

Sign in / Sign up

Export Citation Format

Share Document