Practical Guidelines and Major Issues in Information Security Management Systems Implementations

dc.contributor.author Lami KAYA; Department of Computer Engineering, FATIH University; Department of Computer Engineering, YILDIRIM BEYAZIT University
dc.date 2013-06-17 09:59:54
dc.date.accessioned 2013-07-15T11:52:01Z
dc.date.accessioned 2015-11-23T16:01:19Z
dc.date.available 2013-07-15T11:52:01Z
dc.date.available 2015-11-23T16:01:19Z
dc.date.issued 2013-07-15
dc.identifier http://ecs.epoka.edu.al/index.php/iscim/iscim2011/paper/view/737
dc.identifier.uri http://dspace.epoka.edu.al/handle/1/736
dc.description.abstract Information is a major asset for any organization, public or private. Threats to information and information handling resources are getting more sophisticated continuously. Also, regulatory requirements for data and system protection are increasing in number as well as complexity. There are a number of frameworks to deal with these issues systematically and effectively. One such framework is the ISO 27001 Information Security Management System (ISMS), which provides a framework for organizations to protect themselves against internal and external threats as well as natural disasters. The ISMS provides guidelines on how to manage information processing, storage and transmission with appropriate controls in order to avoid any security breaches. ISMS considers people, policies and IT technology as major categories of a security system. An organization's personnel have to be trained for establishing, implementing, operating, monitoring, reviewing, maintaining and continuously improving the ISMS. Implementation of ISMS requires a role-model attitude from the top management. Without a visionary and supportive leadership, the ISMS cannot be used to properly identify and address the risks for an organization. The practices show that an effective ISMS operation may require major changes to some routine work practices. Clear direction from senior managers as well as coordination/support among team members is crucial for a successful ISMS project execution. In this work, some practical guidelines for successful, cost effective and functional ISMS implementation will be provided. Also, observations gathered from years of auditing trails and lessons obtained through practical applications will be presented. Major considerations for the success/failure of security systems shall be discussed. It is concluded that security is preparation of adequate policies/procedures/instructions and the support of well informed/diligent people, rather than utilization of sophisticated high-technologies. The importance of the human factor for the success of such management systems will be exemplified with real-life cases.
dc.format application/pdf
dc.language en
dc.publisher International Symposium on Computing in Informatics and Mathematics
dc.source International Symposium on Computing in Informatics and Mathematics; 1st International Symposium on Computing in Informatics and Mathematics
dc.title Practical Guidelines and Major Issues in Information Security Management Systems Implementations
dc.type Peer-reviewed Paper


This item appears in the following Collection(s)

  • ISCIM 2011
    1st International Symposium on Computing in Informatics and Mathematics
