Considerations on the implementation steps for an information security management system
Ionescu Răzvan Cristian, Ceaușu Ioana and Ilie Cristian
Additional contact information
Ionescu Răzvan Cristian: The Bucharest University of Economic Studies, Bucharest, Romania
Ceaușu Ioana: The Bucharest University of Economic Studies, Bucharest, Romania
Ilie Cristian: The Bucharest University of Economic Studies, Bucharest, Romania
Proceedings of the International Conference on Business Excellence, 2018, vol. 12, issue 1, 476-485
Abstract:
News about various information security attacks against companies appears almost every day. The sources of these attacks range from cyber-criminals who want to steal companies’ data to demand a ransom, to current or former employees who want to cause damage to the organization. The best way to defend an organization's critical assets is to implement an Information Security Management System that secures all sensitive assets from a confidentiality, availability and integrity perspective. An Information Security Management System offers top management a framework for controlling the flow of sensitive information. This framework includes a risk assessment that considers the security threats and vulnerabilities of the company’s assets. Companies usually implement an Information Security Management System only after they have a functional quality management system, which brings clarity and optimization to the company’s processes. Current approaches to the creation and implementation of an effective Information Security Management System are very theoretical and thus difficult to use in practice. The main objective of this paper is to present an Information Security Management System implementation method for a small company by defining the basic steps in achieving a fully functional Information Security Management System. The proposed methodology considers top management's Information Security Management System objectives, the organizational context, risk assessment and the fulfillment of third parties' expectations.
Keywords: information security management system; ISMS implementation steps; ISMS implementation methodology; Organizational security; ISMS for small and medium enterprises; protection of company’s data; ISMS design
Date: 2018
Downloads: https://doi.org/10.2478/picbe-2018-0043 (text/html)
Persistent link: https://EconPapers.repec.org/RePEc:vrs:poicbe:v:12:y:2018:i:1:p:476-485:n:43
DOI: 10.2478/picbe-2018-0043
Proceedings of the International Conference on Business Excellence is currently edited by Alina Mihaela Dima
More articles in Proceedings of the International Conference on Business Excellence from Sciendo
Bibliographic data for series maintained by Peter Golla.