ISO/IEC 27001 Implementation in Public Organizations: A Case Study

被引：0

作者：

Sussy, Bayona ^{[1
]}

Wilber, Chauca ^{[1
]}

Milagros, Lopez ^{[1
]}

Carlos, Maldonado ^{[1
]}

机构：

[1] Univ Nacl Mayor San Marcos, Unidad Posgrado, Fac Ingn Sistemas & Informat, Av German Amezaga 375, Lima, Peru

来源：

2015 10TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI) | 2015年

关键词：

critical success factors; NTP ISO/IEC 27001; information security management system; ISMS;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In recent years, due to the intensive use of information technology, the information security has become a crucial and strategic issue in organizational management. Various standards and guidelines for security information as ISO/IEC 27001, ISO/IEC 27002, and COBIT have been developed; however, organizations still face difficulties in their implementation. This paper presents the current situation of the ISO/IEC 27001 implementation process in Peruvian public organizations. As a result of literature review, the critical success factors for successful implementation of ISO/IEC 7001 were identified. Furthermore, it was conducted a review of the ISO/IEC 27001 implementation in five organizations, taking into consideration the critical success factors identified. From the results obtained, it is concluded that there is the need for considering not only technical, legal, and organizational issues but also factors related to people such as training, knowledge and awareness raising in order to get success of information security management.

引用

页数：6

共 50 条

[1] On the Track of ISO/IEC 27001:2013 Implementation Difficulties in Portuguese Organizations
Longras, Ana
Pereira, Teresa
Carneiro, Pedro
Pinto, Pedro
2018 9TH INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEMS (IS), 2018, : 886 - 890
[2] COMPARATIVE STUDY REGARDING INTERNATIONAL STANDARDS ON INFORMATION SECURITY MANAGEMENT SYSTEMS IN ORGANIZATIONS: ISO/IEC 27001:2013 vs ISO/IEC 27001:2005
Tiganoaia, Bogdan
GLOBALIZATION AND INTERCULTURAL DIALOGUE: MULTIDISCIPLINARY PERSPECTIVES - ECONOMY AND MANAGEMENT, 2014, : 102 - 109
[3] Could an ISMS Model (ISO/IEC 27001:2013 Standard) Implementation Really Protect Public Data?
Tintin, Romel
Hidalgo, Monica
2023 NINTH INTERNATIONAL CONFERENCE ON EDEMOCRACY & EGOVERNMENT, ICEDEG, 2023, : 83 - 87
[4] 聚焦ISO/IEC 27001:2013
韩广福
认证技术, 2013, (12) : 52 - 52
[5] ADOPTION OF THE INFORMATION SECURITY MANAGEMENT SYSTEM STANDARD ISO/IEC 27001: A STUDY AMONG GERMAN ORGANIZATIONS
Mirtsch, Mona
INTERNATIONAL JOURNAL FOR QUALITY RESEARCH, 2023, 17 (03) : 747 - 768
[6] Integrating ISO/IEC 27001 and other managerial discipline standards with processes of management in organizations
Anttila, Juhani
Jussila, Kari
Kajava, Jorma
Kamaja, Ilkka
2012 SEVENTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES), 2012, : 425 - 436
[7] ISO/IEC 27001与ISO/IEC 27002标准的演变
谢宗晓
王静漪
中国标准导报, 2015, (07) : 48 - 52
[8] Der Standard ISO/IEC 27001:2013
Kai Jendrian
Datenschutz und Datensicherheit - DuD, 2014, 38 (8) : 552 - 557
[9] ISO/IEC 27001∶2022标准正式发布
上海质量, 2022, (11) : 44 - 44
[10] Exploring the Reasons Behind the Low ISO 27001 Adoption in Public Organizations in Saudi Arabia
Alshitri, Khalid I.
Abanumy, Abdulmohsen N.
2014 INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND APPLICATIONS (ICISA), 2014,

← 1 2 3 4 5 →