Title :
Influence of established information security governance and infrastructure on future security certifications
Author :
Sedinic, Ivan ; Lovric, Zrinka
Author_Institution :
Data & IT-NT Security Work Unit, Croatian Telecom, Zagreb, Croatia
Abstract :
In today's business environment, various security certificates are no longer a “nice to have” feature but a business prerequisite for service providers. PCI DSS certification is a must for card issuers and merchants, and ISO27001 certification is very often a prerequisite to qualify for offering ICT services. This paper shows how proper security governance and a security framework, on which adequate security infrastructure is built, could simplify and speed up the certification process while at the same time reducing the cost of certification. Additionally, using the examples of ISO27001 and PCI DSS, the influence of one existing certificate on the certification process for another certificate is analyzed.
Keywords :
ISO standards; certification; security of data; smart cards; ICT services; ISO27001 certification; PCI DSS certification; business environment; certification cost reduction; information security governance; payment card industry data security standard; security certification infrastructure; security framework; service providers; Certification; Companies; Decision support systems; IEC standards; ISO standards; Information security;
Conference_Title :
Information & Communication Technology Electronics & Microelectronics (MIPRO), 2013 36th International Convention on
Conference_Location :
Opatija
Print_ISBN :
978-953-233-076-2