{"title":"建立安全及保安管理系统的架构","authors":"R. Kemp, Richard Smith","doi":"10.54216/jcim.090201","DOIUrl":null,"url":null,"abstract":"Safety and security risks to critical infrastructure organizations are well known, and incidents in both fields have taken place. To help critical infrastructure organizations manage these areas, safety and security standards have been created. The main aim of this paper is to present a framework that has been created to manage both safety and security by providing guidance on how to create a Safety and Security Management System (SSMS). The framework identifies and remediates conflicts and issues between IT, OT, safety, and security. While also creating processes that can combine safety and security compliance to standards to reduce duplication of work and allow one process to manage both areas. A survey was carried out to understand if the framework would be of use to organizations and to better understand the issues users have with managing safety and security and how they manage conflicts that can occur. The survey showed key areas of concern for organizations and how the framework can be of use to them. It identified six themes from the research and identified improvements opportunities for the framework that can be implemented.","PeriodicalId":169383,"journal":{"name":"Journal of Cybersecurity and Information Management","volume":"67 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A Framework for creating a Safety and Security Management System (SSMS)\",\"authors\":\"R. Kemp, Richard Smith\",\"doi\":\"10.54216/jcim.090201\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Safety and security risks to critical infrastructure organizations are well known, and incidents in both fields have taken place. To help critical infrastructure organizations manage these areas, safety and security standards have been created. The main aim of this paper is to present a framework that has been created to manage both safety and security by providing guidance on how to create a Safety and Security Management System (SSMS). The framework identifies and remediates conflicts and issues between IT, OT, safety, and security. While also creating processes that can combine safety and security compliance to standards to reduce duplication of work and allow one process to manage both areas. A survey was carried out to understand if the framework would be of use to organizations and to better understand the issues users have with managing safety and security and how they manage conflicts that can occur. The survey showed key areas of concern for organizations and how the framework can be of use to them. It identified six themes from the research and identified improvements opportunities for the framework that can be implemented.\",\"PeriodicalId\":169383,\"journal\":{\"name\":\"Journal of Cybersecurity and Information Management\",\"volume\":\"67 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Cybersecurity and Information Management\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.54216/jcim.090201\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cybersecurity and Information Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.54216/jcim.090201","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Framework for creating a Safety and Security Management System (SSMS)
Safety and security risks to critical infrastructure organizations are well known, and incidents in both fields have taken place. To help critical infrastructure organizations manage these areas, safety and security standards have been created. The main aim of this paper is to present a framework that has been created to manage both safety and security by providing guidance on how to create a Safety and Security Management System (SSMS). The framework identifies and remediates conflicts and issues between IT, OT, safety, and security. While also creating processes that can combine safety and security compliance to standards to reduce duplication of work and allow one process to manage both areas. A survey was carried out to understand if the framework would be of use to organizations and to better understand the issues users have with managing safety and security and how they manage conflicts that can occur. The survey showed key areas of concern for organizations and how the framework can be of use to them. It identified six themes from the research and identified improvements opportunities for the framework that can be implemented.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
