• DocumentCode
    2364075
  • Title

    Information security management - a practical approach

  • Author

    Dey, Manik

  • Author_Institution
    Kuwait Inst. for Sci. Res. (KISR), Safat
  • fYear
    2007
  • fDate
    26-28 Sept. 2007
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    Information security is an important issue in today´s business. Information security management can no more be done by merely a set of hardware and software. Rather, it requires a complete end-to-end system. Such a system is called Information Security Management System (ISMS). It requires special focus and participation from all levels of employees with full commitments and responsibilities in establishing such a system and implementing it within the organization. ISO security standards and government compliance regulations guide and enforce organizations about certain requirements and norms. Organizations need to build an ISMS by combining all the bits and pieces as per their business needs. This paper illustrates a practical approach, as a ready reference, to build an ISMS in a business organization.
  • Keywords
    information management; security of data; ISO security standard; business organization; end-to-end system; government compliance regulation; information security management system; Hardware; IP networks; ISO standards; Information management; Information security; Management training; Organizational aspects; Physics computing; Protection; Standards organizations; Computer Security; ISO 17799 / 27001 Standards; Information Systems; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    AFRICON 2007
  • Conference_Location
    Windhoek
  • Print_ISBN
    978-1-4244-0987-7
  • Electronic_ISBN
    978-1-4244-0987-7
  • Type

    conf

  • DOI
    10.1109/AFRCON.2007.4401528
  • Filename
    4401528
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2364075