{"title":"Information Security Management in Small Public Sector Organizations: Requirements and Design of a Procedural Approach","authors":"F. Moses, Kurt Sandkuhl","doi":"10.7250/csimq.2023-37.03","DOIUrl":null,"url":null,"abstract":"The increasing digitalization of enterprises and public authorities has resulted in the growing importance of information technology in everyday operations. In this context, an information security management system (ISMS) has become an essential aspect for most organizations. The dependency on technology for almost every single process in an organization has put ISMS at the top of the corporate agenda of public sector organizations. For public organizations in particular, the NIS 2 Directive describes abstract requirements for the development of an ISMS. On the other hand, only a few public administrations operate an ISMS. In this context, this article analyses the requirements of the NIS-2 Directive and complements them with the obstacles and reasons for success in the introduction of ISMS in small public sector organizations (SPSO). At the same time, minimum requirements should be defined that help municipal administration set up an ISMS quickly and easily. This article summarizes the different requirements and generates a foundation for a rough procedural model, for implementing the upcoming requirements of the NIS 2 Directive in local governments. The article also presents the conceptual design of the procedural model.","PeriodicalId":404415,"journal":{"name":"Complex Systems Informatics and Modeling Quarterly","volume":" 40","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Complex Systems Informatics and Modeling Quarterly","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.7250/csimq.2023-37.03","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The increasing digitalization of enterprises and public authorities has resulted in the growing importance of information technology in everyday operations. In this context, an information security management system (ISMS) has become an essential aspect for most organizations. The dependency on technology for almost every single process in an organization has put ISMS at the top of the corporate agenda of public sector organizations. For public organizations in particular, the NIS 2 Directive describes abstract requirements for the development of an ISMS. On the other hand, only a few public administrations operate an ISMS. In this context, this article analyses the requirements of the NIS-2 Directive and complements them with the obstacles and reasons for success in the introduction of ISMS in small public sector organizations (SPSO). At the same time, minimum requirements should be defined that help municipal administration set up an ISMS quickly and easily. This article summarizes the different requirements and generates a foundation for a rough procedural model, for implementing the upcoming requirements of the NIS 2 Directive in local governments. The article also presents the conceptual design of the procedural model.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
