Road Map to Information Security Management

Author(s):  
Lech J. Janczewski ◽  
Victor Portougal

Developments in multimedia technology and networking offer organizations new and more effective ways of conducting their businesses. That includes intensification of external contacts. Barriers between different organizations are becoming less visible. The progress gives advantages to competing forces, as well. In the past, an organization was directly exposed to competition only within its own region. Now, due to easy communications, a competitor could be located on the opposite side of the globe, having the ability to access or even disrupt the most sensitive information of a competing company. Hackers and other cyber-criminals are another part of the external threat.

Author(s):  
Răzvan Cristian Ionescu ◽  
Ioana Ceaușu ◽  
Cristian Ilie

News about various information security attacks against companies appears almost every day. The sources of these attacks vary from cyber-criminals who want to steal companies’ data to demand a ransom, to current or former employees who want to create damage to the organization. The best way to defend organizational critical assets is to implement an Information Security Management System that secures all sensitive assets from confidentiality, availability and integrity perspective. An Information Security Management System offers top management a framework for sensitive information flow control. This framework includes a risk assessment that considers the security threats and vulnerabilities of the company’s assets. Companies usually implement an Information Security Management System only after they have a functional quality management system, which brings clarity and optimization to the company’s processes. Current approaches on creation and implementation of effective Information Security Management System are very theoretical and thus difficult to use in practice. The main objective of this paper is to present an Information Security Management System implementation method in the case of a small company by defining the basic steps in achieving a fully functional Information Security Management System. The proposed methodology considers the top management Information Security Management System objectives, organizational context, risks assessment and third parties expectations fulfillment.


2019 ◽  
Vol 3 (1) ◽  
pp. 44
Author(s):  
R Wisnu Prio Pamnungkas ◽  
Rakhmi Khalida

The present coding is safeguarding public information, not only guaranteeing security against confidentiality, but on aspects of integrity, authenticity, accessibility, availability and non-denial of information. Security is not only in the password room and is not only done by Sandiman, but more broadly to safeguard ICTs and collaborate with information security management systems. In order to carry out these functions, it is necessary to make a road map which is a detailed work plan for coding operations. The research method used is descriptive made with reference to Planning, Implementation, Monitoring and Evaluation and Reporting. The results achieved in this study are roadmaps that can be used as a reference for regional governments in the Indonesian territory.


2014 ◽  
Vol 2014 ◽  
pp. 1-13 ◽  
Author(s):  
Sanghyun Park ◽  
Kyungho Lee

Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.


2018 ◽  
Vol 31 ◽  
pp. 11013 ◽  
Author(s):  
Ari Kurnianto ◽  
Rizal Isnanto ◽  
Aris Puji Widodo

Information security is a problem affecting the business process of an organization, so it needs special concern. Information security assessment which is good and has international standard is done using Information Security Management System (ISMS) ISO/IEC 27001:2013. In this research, the high level assessment has been done using ISO/IEC 27001:2013 to observe the strength of information security in Ministry of Internal Affairs. The research explains about the assessment of information security management which is built using PHP. The input data use primary and secondary data which passed observation. The process gets maturity using the assessment of ISO/IEC 27001:2013. GAP Analysis observes the condition nowadays and then to get recommendation and road map. The result of this research gets all of the information security process which has not been already good enough in Ministry of Internal Affairs, gives recommendation and road map to improve part of all information system being running. It indicates that ISO/IEC 27001:2013 is good used to rate maturity of information security management. As the next analyzation, this research uses Clause and Annex in ISO/IEC 27001:2013 which is suitable with condition of Data Center and Data Recovery Center, so it gets optimum result and solving problem of the weakness information security.

