Open Access

Considerations on the implementation steps for an information security management system

Răzvan Cristian Ionescu
Răzvan Cristian Ionescu
, 
Ioana Ceaușu
Ioana Ceaușu
 and 
Cristian Ilie
Cristian Ilie
   | Jun 15, 2018
Proceedings of the International Conference on Business Excellence's Cover Image
About this article
Previous Article
Next Article
Cite
Published Online: Jun 15, 2018
Page range: 476 - 485
DOI: https://doi.org/10.2478/picbe-2018-0043
Keywords
© 2018 Răzvan Cristian Ionescu, published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License.

AlHogail, A. (2015). Design and validation of information security culture framework., Computers in Human Behavior, 49, 567- 575.10.1016/j.chb.2015.03.054Search in Google Scholar

Beckers K., Côté I., Fenz S., Hatebur D., Heisel M. (2014) A Structured Comparison of Security Standards. In: Heisel M., Joosen W., Lopez J., Martinelli F. (eds) Engineering Secure Future Internet Services and Systems. Lecture Notes in Computer Science, 8431, Springer, Cham.10.1007/978-3-319-07452-8_1Search in Google Scholar

Da Veiga, A., Martins, N. (2015a). Improving the information security culture through monitoring and implementation actions illustrated through a case study. Computers & Security, 49, 162-176.10.1016/j.cose.2014.12.006Search in Google Scholar

Da Veiga, A., Martins, N. (2015b). Information security culture and information protection culture: A validated assessment instrument. Computer Law & Security Report, 31, 243-256.10.1016/j.clsr.2015.01.005Search in Google Scholar

Grance, T., Hash, J., Stevens, M., O’Neal, K., Bartol, N. (2003). SP 800-35 - Guide to Information Technology Security Services. Special Publication 800-35. National Institute of Standards and Technology - Technology Administration, U.S. Department of Commerce.10.6028/NIST.SP.800-35Search in Google Scholar

Hohan, A.I., Olaru, M., Pirnea, I.C. (2016). Assessment and continuous improvement of information security based on TQM and business excellence principles, Procedia Economics and Finance, 00, 352-359.10.1016/S2212-5671(15)01404-5Search in Google Scholar

Hoppe, O.A., Van Niekerk, J., Von Solms, R. (2002). The effective implementation of information security in organizations. IFIP/SEC2002 Security in the Information Society Visions and Perspectives International Conference, 17th Edition, May 7-9, Cairo, Egypt. 10.1007/978-0-387-35586-3_1Search in Google Scholar

ISO/IEC 27001:2013. (2013). Information technology -- Security techniques -- Information security management systems - Requirements. Retrieved from https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en [16.02.2018].Search in Google Scholar

ISO/IEC 27002:2013. (2013). Information technology -- Security techniques -- Code of practice for information security controls. Retrieved from https://www.iso.org/obp/ui/#iso:std:isoiec:27002:ed-2:v1:en [16.02.2019].Search in Google Scholar

ISO/IEC 27003:2010. (2010). Information technology - Security techniques - Information security management system implementation guidance. Retrieved from https://www.iso.org/obp/ui/#iso:std:iso-iec:27003:ed-2:v1:en [16.02.2018].Search in Google Scholar

Kadam, A. (2002). Implementation Methodology for Information Security Management System (to comply with BS 7799 Requirements). GSEC Practical Requirements (v.1.4b), SANS Institute, 2003.Search in Google Scholar

Kiehne, J., Ceaușu, I., Arp, A.-K., Schüler, T. (2017). Middle management's role in strategy implementation projects, Proceedings of the International Conference ICBE 11th Edition, March 2017, Bucharest, Romania.10.1515/picbe-2017-0058Search in Google Scholar

Maier, D., Olaru, M., Hohan, A., Maier, A. (2013). Development of an Organization by adopting the Integrated Management System, Proceedings of the 9th European Conference on Management Leadership and Governance, Nov 14-15, Klagenfurt, Austria.Search in Google Scholar

Moule, B., Giavara, L. (1995). Policies, procedures and standards: an approach for implementation. Information Management & Computer Security, 3 (3), 7-16.10.1108/09685229510092057Search in Google Scholar

Safa, N.S., Von Solms, R., Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 1-13.10.1016/j.cose.2015.10.006Search in Google Scholar

Safa, N.S., Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451.10.1016/j.chb.2015.12.037Search in Google Scholar

Siponen, M., Willison, R. (2009). Information security management standards: Problems and solutions. Information & Management, 46 (5), 267 - 270.10.1016/j.im.2008.12.007Search in Google Scholar

Soomro, Z.A., Shah, M. H., Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36, 215-225.10.1016/j.ijinfomgt.2015.11.009Search in Google Scholar

Vroom C., von Solms R. (2002) A Practical Approach to Information Security Awareness in the Organization. In: Ghonaimy M.A., El-Hadidi M.T., Aslan H.K. (eds.) Security in the Information Society. IFIP Advances in Information and Communication Technology, 86, Springer, Boston, MA. 10.1007/978-0-387-35586-3_2Search in Google Scholar

Wood, C. C. (2002). Information Security Policies Made Easy: A Comprehensive Set of Information Security Policies: Version 9.0. PentaSafe Security Technologies.Search in Google Scholar

eISSN:
2558-9652
Language:
English
Publication timeframe:
Volume Open
Journal Subjects:
Business and Economics, Political Economics, other, Business Management, Industrial Chemistry, Energy Harvesting and Conversion
Journal RSS Feed