A. Aginsa, Ian Yosef Matheus Edward, W. Shalannanda
{"title":"利用ISO 27001和zachman框架设计增强的信息安全管理体系框架-以XYZ公司为例","authors":"A. Aginsa, Ian Yosef Matheus Edward, W. Shalannanda","doi":"10.1109/ICWT.2016.7870853","DOIUrl":null,"url":null,"abstract":"Information is one of the organization's assets. It also determines the values of the company whether the company is a professional and trustworthy in keeping information both internal corporate information as well as information from the user side. But in carrying out its functions, the company would meet a variety of information security threats. Confidentiality, integrity, authenticity, and non-repudiation is information security aspects that concern the company to maintain business continuity and achieve its goals. Therefore, companies need to conduct a information security management. Based on the requirements above, the authors want to design a framework that can be used by companies to manage the security of information on the company. This framework will be the foundation for the company to implement the Information Security Management System in the right direction. This is done by adopting the ISO 27001 standard of the ISMS and mapping all aspect to company’s perspective. ISMS Framework are often high-level and theoretical, and do not offer practical suggestion to support their operationalization or implementation by practitioners. Here, the author presents a practitioner-oriented ISMS Framework to support XYZ Company.","PeriodicalId":216908,"journal":{"name":"2016 2nd International Conference on Wireless and Telematics (ICWT)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Enhanced information security management system framework design using ISO 27001 and zachman framework - A study case of XYZ company\",\"authors\":\"A. Aginsa, Ian Yosef Matheus Edward, W. Shalannanda\",\"doi\":\"10.1109/ICWT.2016.7870853\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Information is one of the organization's assets. It also determines the values of the company whether the company is a professional and trustworthy in keeping information both internal corporate information as well as information from the user side. But in carrying out its functions, the company would meet a variety of information security threats. Confidentiality, integrity, authenticity, and non-repudiation is information security aspects that concern the company to maintain business continuity and achieve its goals. Therefore, companies need to conduct a information security management. Based on the requirements above, the authors want to design a framework that can be used by companies to manage the security of information on the company. This framework will be the foundation for the company to implement the Information Security Management System in the right direction. This is done by adopting the ISO 27001 standard of the ISMS and mapping all aspect to company’s perspective. ISMS Framework are often high-level and theoretical, and do not offer practical suggestion to support their operationalization or implementation by practitioners. Here, the author presents a practitioner-oriented ISMS Framework to support XYZ Company.\",\"PeriodicalId\":216908,\"journal\":{\"name\":\"2016 2nd International Conference on Wireless and Telematics (ICWT)\",\"volume\":\"60 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 2nd International Conference on Wireless and Telematics (ICWT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICWT.2016.7870853\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 2nd International Conference on Wireless and Telematics (ICWT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICWT.2016.7870853","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Enhanced information security management system framework design using ISO 27001 and zachman framework - A study case of XYZ company
Information is one of the organization's assets. It also determines the values of the company whether the company is a professional and trustworthy in keeping information both internal corporate information as well as information from the user side. But in carrying out its functions, the company would meet a variety of information security threats. Confidentiality, integrity, authenticity, and non-repudiation is information security aspects that concern the company to maintain business continuity and achieve its goals. Therefore, companies need to conduct a information security management. Based on the requirements above, the authors want to design a framework that can be used by companies to manage the security of information on the company. This framework will be the foundation for the company to implement the Information Security Management System in the right direction. This is done by adopting the ISO 27001 standard of the ISMS and mapping all aspect to company’s perspective. ISMS Framework are often high-level and theoretical, and do not offer practical suggestion to support their operationalization or implementation by practitioners. Here, the author presents a practitioner-oriented ISMS Framework to support XYZ Company.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
