Development of the Information Security Management System Standard for Public Sector Organisations in Estonia

IF 7.4 3区管理学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Business & Information Systems Engineering Pub Date : 2021-01-01 DOI:10.52825/bis.v1i.43

M. Seeba, Raimundas Matulevičius, Ilmar Toom

引用次数: 1

Abstract

Standardisation gives us a common understanding or processes to do something in a commonly accepted way. In information security management, it means to achieve the appropriate security level in the context of known and unknown risks. Each government’s goal should be to provide digital services to its citizens with the acceptable level of confidentiality, integrity and availability. This study elicits the EU countries’ requirements for information security management system (ISMS) standards and provides the standards’ comparison requirements. The Estonian case is an example to illustrate the method when choosing or developing the appropriate ISMS standard to public sector organisations.

查看原文本刊更多论文

爱沙尼亚公共部门组织信息安全管理体系标准的制定

标准化为我们提供了一个共同的理解或过程，以一种普遍接受的方式做某事。在信息安全管理中，它意味着在已知和未知风险的情况下达到适当的安全级别。每个政府的目标都应该是为其公民提供保密性、完整性和可用性可接受的数字服务。本研究引出了欧盟国家对信息安全管理体系(ISMS)标准的要求，并提供了标准的比较要求。爱沙尼亚的案例是一个例子，说明了选择或制定适当的公共部门组织ISMS标准时的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Business & Information Systems Engineering Computer Science-Information Systems

CiteScore

13.60

自引率

7.60%

发文量

审稿时长

3 months

期刊介绍： Business & Information Systems Engineering (BISE) is a double-blind peer-reviewed journal with a primary focus on the design and utilization of information systems for social welfare. The journal aims to contribute to the understanding and advancement of information systems in ways that benefit societal well-being.