Information Security Management (ISM)

Jarmila Šalgovičová; Vanessa Prajová

doi:10.2478/v10186-012-0019-0

.blurhash-client-img { display: none !important; }

Information Security Management (ISM)

Research Papers Faculty of Materials Science and Technology Slovak University of Technology

Volume 20 (2012): Issue Special-Number (December 2012)

By: Jarmila Šalgovičová and Vanessa Prajová

Open Access

|Feb 2013

Abstract

Currently, all organizations have to tackle the issue of information security. The paper deals with various aspects of Information Security Management (ISM), including procedures, processes, organizational structures, policies and control processes. Introduction of Information Security Management should be a strategic decision. The concept and implementation of Information Security Management in an organization are determined by the corporate needs and objectives, security requirements, the processes deployed as well as the size and structure of the organization. The implementation of ISM should be carried out to the extent consistent with the needs of the organization.

References

1. ISO/IEC 27002: 2007 Information technology. Security techniques. Code of practice for information security management
Search in Google Scholar
2. ISO/IEC Guide 73: 2002 Risk management. Vocabulary. Guidelines for use in standards
Search in Google Scholar
3. ISO/IEC 13335-1: 2004 Information technology security techniques. Management of information and communications technology security. Part 1: Concepts and models for information and communications technology security management
Search in Google Scholar
4. ISO/IEC 15408-1: 1999 Information technology. Security techniques. Evaluation criteria for IT security. Part 1: Introduction and general model
Search in Google Scholar
5. ISO/IEC 15489-1: 2001 Information and documentation. Records management. Part 1: General
Search in Google Scholar
6. OECD Guidelines for the Security of Information Systems and Networks. Towards a Culture of Security. 2002
Search in Google Scholar
7. ISO/IEC TR 18044 Information Technology. Security Techniques. Information security incident management
Search in Google Scholar

DOI: https://doi.org/10.2478/v10186-012-0019-0 | Journal eISSN: 1338-0532

Journal RSS Feed

Language: English

Page range: 114 - 119

Published on: Feb 12, 2013

Published by: Slovak University of Technology in Bratislava

In partnership with: Paradigm Publishing Services

Publication frequency: 2 issues per year

Keywords:

information security,

information security policy,

asset management of organization,

business continuity management,

management of intrusion

Related subjects:

Engineering,

Introductions and overviews,

Engineering, other

© 2013 Jarmila Šalgovičová, Vanessa Prajová, published by Slovak University of Technology in Bratislava
This work is licensed under the Creative Commons License.

Previous article Volume 20 (2012): Issue Special-Number (December 2012)Next article