Collaborative risk method for information security management practices: A case context within Turkey

被引:18
|
作者
Ozkan, Sevgi [1 ]
Karabacak, Bilge [1 ,2 ]
机构
[1] Middle E Tech Univ, Inst Informat, TR-06531 Ankara, Turkey
[2] Sci & Technol Res Council Turkey, Ankara, Turkey
来源
INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT | 2010年 / 30卷 / 06期
关键词
ISO/IEC 27001:2005; ISO/IEC 27002:2005; Information security; Risk analysis; Flow chart; Case process approach; Information security governance; SYSTEM;
D O I
10.1016/j.ijinfomgt.2010.08.007
中图分类号
G25 [图书馆学、图书馆事业]; G35 [情报学、情报工作];
学科分类号
1205 ; 120501 ;
摘要
In this case study, a collaborative risk method for information security management has been analyzed considering the common problems encountered during the implementation of ISO standards in eight Turkish public organizations. This proposed risk method has been applied within different public organizations and it has been demonstrated to be effective and problem-free. The fundamental issue is that there is no legislation that regulates the information security liabilities of the public organizations in Turkey. The findings and lessons learned presented in this case provide useful insights for practitioners when implementing information security management projects in other international public sector organizations. (C) 2010 Elsevier Ltd. All rights reserved.
引用
收藏
页码:567 / 572
页数:6
相关论文
共 50 条
  • [1] Enterprise information systems within the context of information security: a risk assessment for a health organization in Turkey
    Eroglu, Sahika
    Cakmak, Tolga
    [J]. INTERNATIONAL CONFERENCE ON ENTERPRISE INFORMATION SYSTEMS/INTERNATIONAL CONFERENCE ON PROJECT MANAGEMENT/INTERNATIONAL CONFERENCE ON HEALTH AND SOCIAL CARE INFORMATION SYSTEMS AND TECHNOLOGIES, CENTERIS/PROJMAN / HCIST 2016, 2016, 100 : 979 - 986
  • [2] The Case for improvisation in information Security Risk Management
    Njenga, Kennedy
    Brown, Irwin
    [J]. E-GOVERNMENT, E-SERVICES AND GLOBAL PROCESSES, 2010, 334 : 220 - +
  • [3] Information Security Management Practices: Case Studies from India
    Singh, Abhishek Narain
    Gupta, M. P.
    [J]. GLOBAL BUSINESS REVIEW, 2019, 20 (01) : 253 - 271
  • [4] A Collaborative Process Based Risk Analysis for Information Security Management Systems
    Karabacak, Bilge
    Ozkan, Sevgi
    [J]. PROCEEDINGS OF THE 5TH INTERNATIONAL CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2010, : 182 - 192
  • [5] Security for System Wide Information Management Collaborative Information Management
    Wilson, Ian
    Yang, Sherry
    [J]. 2017 INTEGRATED COMMUNICATIONS, NAVIGATION AND SURVEILLANCE CONFERENCE (ICNS), 2017,
  • [6] A Participative and Collaborative Approach for Security Risk Management Modelling in the Context of Essential Services
    Aubert, Jocelyn
    Cholez, Herve
    [J]. INFORMATION SYSTEMS AND TECHNOLOGIES, WORLDCIST 2022, VOL 3, 2022, 470 : 132 - 141
  • [7] Collaborative Learning : A Case Study on Information Security and Auditing Management Course
    Parkavi, R.
    Karthikeyan, P.
    Abdullah, A. Sheik
    [J]. 2022 International Conference for Advancement in Technology, ICONAT 2022, 2022,
  • [8] A Case Study on Risk Management of Enterprise Information Security
    Huang, Rengen
    Zhu, Zhen
    [J]. 2015 2nd International Conference on Creative Education (ICCE 2015), Pt 2, 2015, 11 : 201 - 208
  • [9] Information governance: information security and access within a UK context
    Lomas, Elizabeth
    [J]. RECORDS MANAGEMENT JOURNAL, 2010, 20 (02) : 182 - +
  • [10] Information Security Risk Assessment and Management Method in Computer Networks
    Anikin, Igor V.
    [J]. 2015 INTERNATIONAL SIBERIAN CONFERENCE ON CONTROL AND COMMUNICATIONS (SIBCON), 2015,
12345