Risk assesment methods - ISO/IEC 27001 information security managament system's key element

被引:0
|
作者
Luczak, Jacek [1 ]
机构
[1] Uniwersytet Ekonomiczny Poznaniu, Katedra Znormalizowanych Syst Zarzadzania, Al Niepodleglosci 10, PL-61875 Poznan, Poland
来源
SCIENTIFIC JOURNALS OF THE MARITIME UNIVERSITY OF SZCZECIN-ZESZYTY NAUKOWE AKADEMII MORSKIEJ W SZCZECINIE | 2009年 / 19卷 / 91期
关键词
ISMS; ISO; /; IEC; 27001; risk assesment; risk management;
D O I
暂无
中图分类号
U6 [水路运输]; P75 [海洋工程];
学科分类号
0814 ; 081505 ; 0824 ; 082401 ;
摘要
The article presents the subject of the information security management system (ISMS) and it concentrates on the key aspect - the methods of estimating the risk. There are the risk, assessing the risk and risk management definitions in the first part; The review of the methods of estimating the risk was executed then. The selection of the method, to find the most adequate to the organization is the main problem in practical aspect of designing and implementing ISMS. It is really basis to designing solutions and controls to protect information in a system way.
引用
收藏
页码:63 / 70
页数:8
相关论文
共 43 条
  • [1] Information Security Risk Management: Handbook for ISO/IEC 27001
    Lomas, Elizabeth
    [J]. RECORDS MANAGEMENT JOURNAL, 2011, 21 (03) : 239 - +
  • [2] NEW STANDARD ISO/IEC 27001:2013 OF INFORMATION SECURITY MANAGEMENT SYSTEM
    Drastich, Martin
    [J]. KNOWLEDGE FOR MARKET USE 2014: MEDIA AND COMMUNICATION IN THE 21ST CENTURY, 2014, : 387 - 393
  • [3] AUTOMATION OF AN INFORMATION SECURITY MANAGEMENT SYSTEM BASED ON THE ISO/IEC 27001 STANDARD
    de la Rosa Martin, Tonyse
    [J]. REVISTA UNIVERSIDAD Y SOCIEDAD, 2021, 13 (05): : 495 - 506
  • [4] Information security and value creation: The performance implications of ISO/IEC 27001
    Podrecca, Matteo
    Culot, Giovanna
    Nassimbeni, Guido
    Sartor, Marco
    [J]. COMPUTERS IN INDUSTRY, 2022, 142
  • [5] ADOPTION OF STANDARD FOR INFORMATION SECURITY ISO/IEC 27001 IN BOSNIA AND HERZEGOVINA
    Skopak, Anis
    Sakanovic, Semir
    [J]. INTERNATIONAL CONFERENCE ON ECONOMIC AND SOCIAL STUDIES (ICESOS'16): REGIONAL ECONOMIC DEVELOPMENT: ENTREPNEURSHIP AND INNOVATION, 2016, : 35 - 42
  • [6] Information security fortification by ontological mapping of the ISO/IEC 27001 standard
    Fenz, Stefan
    Goluch, Gernot
    Ekelhart, Andreas
    Riedl, Bernhard
    Weippl, Edgar
    [J]. 13TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING, PROCEEDINGS, 2007, : 381 - +
  • [7] Information security and value creation: The performance implications of ISO/IEC 27001
    Podrecca, Matteo
    Culot, Giovanna
    Nassimbeni, Guido
    Sartor, Marco
    [J]. Computers in Industry, 2022, 142
  • [8] A Model of an Information Security Management System Based on NTC-ISO/IEC 27001 Standard
    Fonseca-Herrera, Omar A.
    Rojas, Alix E.
    Florez, Hector
    [J]. IAENG International Journal of Computer Science, 2021, 48 (02) : 1 - 10
  • [9] Information Security Management Systems - A Maturity Model Based on ISO/IEC 27001
    Proenca, Diogo
    Borbinha, Jose
    [J]. BUSINESS INFORMATION SYSTEMS (BIS 2018), 2018, 320 : 102 - 114
  • [10] COMPARATIVE STUDY REGARDING INTERNATIONAL STANDARDS ON INFORMATION SECURITY MANAGEMENT SYSTEMS IN ORGANIZATIONS: ISO/IEC 27001:2013 vs ISO/IEC 27001:2005
    Tiganoaia, Bogdan
    [J]. GLOBALIZATION AND INTERCULTURAL DIALOGUE: MULTIDISCIPLINARY PERSPECTIVES - ECONOMY AND MANAGEMENT, 2014, : 102 - 109
12345