Information Security Management System Standards in Hungarian Public Administration

Public administrative bodies play a key role in governmental level data asset management. A centralized regulation and toolset of these bodies is a strategic goal, but the experience of the implementation confirms that a meticulous and careful task must be faced. The diversity of the administrative bodies works against a quick change. The study aims to review the information protection obligations of Hungarian public administration bodies, emphasizing the importance of standard-based legal regulation and the centralizing and unifying nature of public administration IT developments. In addition to the historical and legal review, the authors also pay attention to the description of the standard application experience. The goal is to establish a comprehensive and effective regulatory system that may be available through the management system standards, especially the ISO 27000 standard family. It can be concluded that beyond the regulatory intentions in a diverse infrastructure, targeted training and more emphasis on promoting the acceptance of information security is necessary for success.