Aspects regarding the implementation of information security standards in organizations

Authors

  • Mihai Bârsan, "Transilvania" University of Brasov

DOI:

https://doi.org/10.26660/rrbsi.2017.13.1.21

Keywords:

ISO 27001, information security, databases, security policy

Abstract

Information security is one of the major challenges of the information- and knowledge-based society. Organizations' concern with securing information in the digital environment has led to the emergence of dedicated standards. Thus, ISO 27000 brings together the reference standards in the field. Starting from ISO 27001, which summarizes policies and procedures on physical, legal and technological security risks, this paper looks at the steps an organization must undertake to implement the standards.

Published

2017-06-20

How to Cite

Bârsan, M. (2017). Aspects regarding the implementation of information security standards in organizations. Revista Română De Biblioteconomie și Știința Informării = Romanian Journal of Library and Information Science, 13(1), 21–26. https://doi.org/10.26660/rrbsi.2017.13.1.21

Section

Review articles