A. Aginsa, Ian Yosef Matheus Edward, W. Shalannanda
{"title":"Enhanced information security management system framework design using ISO 27001 and zachman framework - A study case of XYZ company","authors":"A. Aginsa, Ian Yosef Matheus Edward, W. Shalannanda","doi":"10.1109/ICWT.2016.7870853","DOIUrl":null,"url":null,"abstract":"Information is one of the organization's assets. It also determines the values of the company whether the company is a professional and trustworthy in keeping information both internal corporate information as well as information from the user side. But in carrying out its functions, the company would meet a variety of information security threats. Confidentiality, integrity, authenticity, and non-repudiation is information security aspects that concern the company to maintain business continuity and achieve its goals. Therefore, companies need to conduct a information security management. Based on the requirements above, the authors want to design a framework that can be used by companies to manage the security of information on the company. This framework will be the foundation for the company to implement the Information Security Management System in the right direction. This is done by adopting the ISO 27001 standard of the ISMS and mapping all aspect to company’s perspective. ISMS Framework are often high-level and theoretical, and do not offer practical suggestion to support their operationalization or implementation by practitioners. Here, the author presents a practitioner-oriented ISMS Framework to support XYZ Company.","PeriodicalId":216908,"journal":{"name":"2016 2nd International Conference on Wireless and Telematics (ICWT)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 2nd International Conference on Wireless and Telematics (ICWT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICWT.2016.7870853","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 10
Abstract
Information is one of the organization's assets. It also determines the values of the company whether the company is a professional and trustworthy in keeping information both internal corporate information as well as information from the user side. But in carrying out its functions, the company would meet a variety of information security threats. Confidentiality, integrity, authenticity, and non-repudiation is information security aspects that concern the company to maintain business continuity and achieve its goals. Therefore, companies need to conduct a information security management. Based on the requirements above, the authors want to design a framework that can be used by companies to manage the security of information on the company. This framework will be the foundation for the company to implement the Information Security Management System in the right direction. This is done by adopting the ISO 27001 standard of the ISMS and mapping all aspect to company’s perspective. ISMS Framework are often high-level and theoretical, and do not offer practical suggestion to support their operationalization or implementation by practitioners. Here, the author presents a practitioner-oriented ISMS Framework to support XYZ Company.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
