To see the other types of publications on this topic, follow the link: IEC 27004.

Journal articles on the topic 'IEC 27004'

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'IEC 27004.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Winarni, Ade. "Penilaian Tingkat Efektivitas Penerapan Keamanan Sistem Informasi Menggunakan Iso/Iec 27004:2009 Dan Iso/Sni 27001:2009 (Studi." Jurnal Bangkit Indonesia 5, no. 2 (2016): 90. http://dx.doi.org/10.52771/bangkitindonesia.v5i2.77.

Full text
Abstract:
Sejak tahun 2014 STT Indonesia Tanjungpinang sudah menerapkan kebijakan SMKI, hal ini guna menunjang oprasional penerapan sistem informasi khususnya sistem informasi akademik dan keuangan (SIMAK), namun sampai saat ini belum dilakukan evaluasi terhadap penerapan SMKI tersebut. Maka dari itu penelitian ini berfokus pada penilaian tingkat efektivitas penerapan keamanan sistem informasi menggunakan ISO/IEC 27004. Untuk memastikan bahwa kebijakan SMKI yang sudah diterapkan saat ini berjalan dengan baik. Tahap yang dilakukan dimulai dari pengukuran tingkat efektivitas penerapan keamanan sistem info
APA, Harvard, Vancouver, ISO, and other styles
2

Disterer, Georg. "ISO/IEC 27000, 27001 and 27002 for Information Security Management." Journal of Information Security 04, no. 02 (2013): 92–100. http://dx.doi.org/10.4236/jis.2013.42011.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Aldya, A. P., S. Sutikno, and Y. Rosmansyah. "Measuring effectiveness of control of information security management system based on SNI ISO/IEC 27004: 2013 standard." IOP Conference Series: Materials Science and Engineering 550 (August 23, 2019): 012020. http://dx.doi.org/10.1088/1757-899x/550/1/012020.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Diamantopoulou, Vasiliki, Aggeliki Tsohou, and Maria Karyda. "From ISO/IEC27001:2013 and ISO/IEC27002:2013 to GDPR compliance controls." Information & Computer Security 28, no. 4 (2020): 645–62. http://dx.doi.org/10.1108/ics-01-2020-0004.

Full text
Abstract:
Purpose This paper aims to identify the controls provisioned in ISO/IEC 27001:2013 and ISO/IEC 27002:2013 that need to be extended to adequately meet, data protection requirements set by the General Data Protection Regulation (GDPR); it also indicates security management actions an organisation needs to perform to fulfil GDPR requirements. Thus, ISO/IEC 27001:2013 compliant organisations, can use this paper as a basis for extending the already existing security control modules towards data protection; and as guidance for reaching compliance with the regulation. Design/methodology/approach This
APA, Harvard, Vancouver, ISO, and other styles
5

ال فيحان, اثير عبد الهادي, та عامر حمدي عبد غريب. "تقييم نظام أدارة امن المعلومات في الهيئة العراقية للحاسبات والمعلوماتية على وفق المواصفة الدولية (ISO/IEC 27001:2013". Journal of Economics and Administrative Sciences 21, № 86 (2015): 1. http://dx.doi.org/10.33095/jeas.v21i86.764.

Full text
Abstract:
تضمّن البحث الحالي (تقييم نظام ادارة امن المعلومات على وفق المواصفة الدولية (ISO/IEC 27001:2013) في الهيئة العراقية للحواسيب والمعلوماتية) , اذ يعد وضع نظام اداري لامن المعلومات من الأولويات في الوقت الحاضر, وفي ظل اعتماد المنظمات على الحواسيب وتقانة المعلومات في العمل والتواصل مع الاخرين , تبقى الشرعية الدولية (والمتمثلة بمنظمة التقييس الدولية (ISO)) اساساً للمطابقة والالتزام, وتتجلى اهمية تطبيق نظام ادارة امن المعلومات على وفق المواصفة الدولية (ISO/IEC 27001:2013) في حماية موجودات المنظمات وبخاصة المعلومات وقواعد البيانات بشكل منهجي ومستمر.
 هدف البحث اجراء تقييم ما بين نظام ادارة امن ا
APA, Harvard, Vancouver, ISO, and other styles
6

Sugianto, Anindya Dwi Lestari, Febriliyan Samopa, and Hanim Maria Astuti. "PENILAIAN DAN KONTROL RISIKO TERHADAP INFRASTRUKTUR DAN KEAMANAN INFORMASI BERDASARKAN STANDAR ISO/IEC 27001:2013 (STUDI KASUS: INSTITUT TEKNOLOGI SEPULUH NOPEMBER)." Sebatik 24, no. 1 (2020): 96–101. http://dx.doi.org/10.46984/sebatik.v24i1.910.

Full text
Abstract:
Direktorat Pengembangan Teknologi dan Sistem Informasi (DPTSI) Institut Teknologi Sepuluh Nopember (ITS) Surabaya merupakan direktorat yang memiliki fungsi menangani seluruh aktivitas yang berhubungan dengan sistem dan teknologi informasi di ruang lingkup ITS. Risiko yang muncul dalam organisasi di bidang sistem dan teknologi informasi terutama pada ruang lingkup infrastruktur dan keamanan informasi, seperti adanya kerusakan aset, pencurian data, layanan yang tidak bisa diakses. Tindakan penanganan risiko terkait ruang lingkup infrastruktur dan keamanan informasi di DPTSI ITS belum diterapkan
APA, Harvard, Vancouver, ISO, and other styles
7

Mauladani, Furqon, and Daniel Oranova Siahaan. "Perancangan SMKI Berdasarkan SNI ISO/IEC27001:2013 dan SNI ISO/IEC27005:2013 (Studi Kasus DPTSI-ITS)." CSRID (Computer Science Research and Its Development Journal) 10, no. 1 (2018): 32. http://dx.doi.org/10.22303/csrid.10.1.2018.32-43.

Full text
Abstract:
<p><em>Institut Teknologi Sepuluh Nopember (ITS) adalah salah satu universitas di Surabaya. ITS telah menggunakan TIK untuk keperluan operasional bisnisnya (contohnya isi kartu program studi, proses absensi, pembaharuan informasi, dan lainnya). Penggunaan TIK tidak dapat dipisahkan dari ancaman yang dapat mengganggu operasional TIK. Ancaman terdiri dari ancaman yang berasal dari luar (penyebaran malware, aktifitas social engineering), orang dalam (sengaja, tidak sengaja), kegagalan teknis (kesalahan penggunaan, kegagalan perangkat keras/lunak) ataupun bencana alam (kebakaran, gempa
APA, Harvard, Vancouver, ISO, and other styles
8

Hermawan, Wawan. "Perancangan Manajemen Risiko Keamanan Informasi pada Penyelenggara Sertifikasi Elektronik (PSrE)." Jurnal Telekomunikasi dan Komputer 9, no. 2 (2019): 129. http://dx.doi.org/10.22441/incomtech.v9i2.6474.

Full text
Abstract:
Badan Pengkajian dan Penerapan Teknologi (BPPT) merupakan Penyelenggara Sertifikasi Elektronik (PSrE) untuk instansi pemerintah. Berdasarkan Peraturan Pemerintah No.82 Tahun 2012 Penyelenggara Sertifikasi Elektronik (PSrE) BPPT dikategorikan sebagai Penyelenggara Sistem Elektronik yang termasuk dalam Penyelenggara Sistem Elektronik strategis dan tinggi sehingga diwajibkan untuk memiliki sistem manajemen keamanan informasi. Dalam penelitian ini, untuk mendukung Penyelenggara Sertifikasi Elektronik (PSrE) BPPT memiliki sistem manajemen keamanan informasi maka dilakukan perancangan manajemen risi
APA, Harvard, Vancouver, ISO, and other styles
9

Fauzi, Rokhman. "Implementasi Awal Sistem Manajemen Keamanan Informasi pada UKM Menggunakan Kontrol ISO/IEC 27002." JTERA (Jurnal Teknologi Rekayasa) 3, no. 2 (2018): 145. http://dx.doi.org/10.31544/jtera.v3.i2.2018.145-156.

Full text
Abstract:
Informasi merupakan aset organisasi yang harus dilindungi keamanannya. Sistem manajemen keamanan informasi diimplementasikan untuk melindungi aset informasi dari berbagai ancaman untuk menjamin kelangsungan usaha, meminimalisasi kerusakan akibat terjadinya ancaman, mempercepat kembalinya investasi, dan peluang usaha. Pada penelitian ini, standar internasional ISO/IEC 27001 dan analisis risiko metode OCTAVE-S digunakan dalam perancangan sistem manajemen keamanan informasi di salah satu perusahaan yang merupakan sebuah Usaha Kecil Menengah (UKM) yang bergerak di bidang engineering services. Sesu
APA, Harvard, Vancouver, ISO, and other styles
10

Choi, Ju-Young, Eun-Jung Choi, and Myuhng-Joo Kim. "A Comparison Study between Cloud Service Assessment Programs and ISO/IEC 27001:2013." Journal of Digital Policy and Management 12, no. 1 (2014): 405–14. http://dx.doi.org/10.14400/jdpm.2014.12.1.405.

Full text
APA, Harvard, Vancouver, ISO, and other styles
11

Nykänen, Riku, and Tommi Kärkkäinen. "Aligning Two Specifications for Controlling Information Security." International Journal of Cyber Warfare and Terrorism 4, no. 2 (2014): 46–62. http://dx.doi.org/10.4018/ijcwt.2014040104.

Full text
Abstract:
Assuring information security is a necessity in modern organizations. Many recommendations for information security management exist, which can be used to define a baseline of information security requirements. ISO/IEC 27001 prescribes a process for an information security management system, and guidance to implement security controls is provided in ISO/IEC 27002. Finnish National Security Auditing Criteria (KATAKRI) has been developed by the national authorities in Finland as a tool to verify maturity of information security practices. KATAKRI defines both security control objectives and secu
APA, Harvard, Vancouver, ISO, and other styles
12

Jendrian, Kai. "Der Standard ISO/IEC 27001:2013." Datenschutz und Datensicherheit - DuD 38, no. 8 (2014): 552–57. http://dx.doi.org/10.1007/s11623-014-0182-x.

Full text
APA, Harvard, Vancouver, ISO, and other styles
13

Pordesch, Ulrich. "DIN ISO/IEC 27001-orientiertes ISMS." Datenschutz und Datensicherheit - DuD 41, no. 11 (2017): 667–71. http://dx.doi.org/10.1007/s11623-017-0855-3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
14

Medve, Anna. "Model-based Framework for Change Management and Integrated Development of Information Security." INTERNATIONAL JOURNAL OF MANAGEMENT & INFORMATION TECHNOLOGY 5, no. 3 (2013): 586–97. http://dx.doi.org/10.24297/ijmit.v5i3.4225.

Full text
Abstract:
This paper introduces a business process-based goal-oriented framework which consists of generic and specific model repositories, and of methodology for integrated change management of business and IT evolutions. Sets of generic models of ISO/IEC 27001 and 27002 standards for information security support developers and decision makers in MDE process. The techniques and tools used are from the User Requirements Notation technologies for model compositions and traceability assessments of goal-oriented and scenario-based models. An example is given from the instantiation of framework for B2B chan
APA, Harvard, Vancouver, ISO, and other styles
15

Medve, Anna. "Model-based Framework for Change Management and Integrated Devlopment of Information Security." INTERNATIONAL JOURNAL OF MANAGEMENT & INFORMATION TECHNOLOGY 5, no. 3 (2018): 586–97. http://dx.doi.org/10.24297/ijmit.v5i3.759.

Full text
Abstract:
This paper introduces a business process-based goal-oriented framework which consists of generic and specific model repositories, and of methodology for integrated change management of business and IT evolutions. Sets of generic models of ISO/IEC 27001 and 27002 standards for information security support developers and decision makers in MDE process. The techniques and tools used are from the User Requirements Notation technologies for model compositions and traceability assessments of goal-oriented and scenario-based models. An example is given from the instantiation of framework for B2B chan
APA, Harvard, Vancouver, ISO, and other styles
16

Akowuah, Francis, Xiaohong Yuan, Jinsheng Xu, and Hong Wang. "A Survey of Security Standards Applicable to Health Information Systems." International Journal of Information Security and Privacy 7, no. 4 (2013): 22–36. http://dx.doi.org/10.4018/ijisp.2013100103.

Full text
Abstract:
The information maintained by Health Information Systems (HIS) is often faced with security threats from a wide range of sources. Some government's regulations require healthcare organizations and custodians of personal health information to take practical steps to address the security and privacy needs of personal health information. Standards help to ensure an adequate level of security is attained, resources are used efficiently and the best security practices are adopted. In this paper, the authors survey security standards applicable to healthcare industry including Control OBjective for
APA, Harvard, Vancouver, ISO, and other styles
17

Litvinchuk, Iryna, Ruslan Korchomnyi, Nataliia Korshun, and Maksym Vorokhob. "APPROACH TO INFORMATION SECURITY RISK ASSESSMENT FOR A CLASS «1» AUTOMATED SYSTEM." Cybersecurity: Education, Science, Technique 2, no. 10 (2020): 98–112. http://dx.doi.org/10.28925/2663-4023.2020.10.98112.

Full text
Abstract:
The article is devoted to the assessment of information security risks in automated systems of class "1". An adapted approach to the assessment of information security risks in such automated systems using the Methodology and requirements of the standards of GSTU SUIB 1.0 / ISO / IEC 27001: 2010 and GSTU SUIB 2.0 / ISO / IEC 27002: 2010 is proposed. The efficiency and methods of implementation of the approach are proved on the example of consideration of real threats and vulnerabilities of class 1 automated systems. The main requirement for the creation of information security management syste
APA, Harvard, Vancouver, ISO, and other styles
18

Kurnianto, Ari, Rizal Isnanto, and Aris Puji Widodo. "Assessment of Information Security Management System based on ISO/IEC 27001:2013 On Subdirectorate of Data Center and Data Recovery Center in Ministry of Internal Affairs." E3S Web of Conferences 31 (2018): 11013. http://dx.doi.org/10.1051/e3sconf/20183111013.

Full text
Abstract:
Information security is a problem effected business process of an organization, so it needs special concern. Information security assessment which is good and has international standard is done using Information Security Management System (ISMS) ISO/IEC 27001:2013. In this research, the high level assessment has been done using ISO/IEC 27001:2013 to observe the strength of information secuity in Ministry of Internal Affairs. The research explains about the assessment of information security management which is built using PHP. The input data use primary and secondary data which passed observat
APA, Harvard, Vancouver, ISO, and other styles
19

Loomans, Dirk, and Manuela Matz. "ISO/IEC 27001:2013 — Sicherheit durch mehr Freiheit!" Wirtschaftsinformatik & Management 6, no. 2 (2014): 62–67. http://dx.doi.org/10.1365/s35764-014-0404-x.

Full text
APA, Harvard, Vancouver, ISO, and other styles
20

Kholis Gunawan, Nur, Raden Budiarto Hadiprakoso, and Herman Kabetta. "Comparative Study Between the Integration of ITIL and ISO / IEC 27001 with the Integration of COBIT and ISO / IEC 27001." IOP Conference Series: Materials Science and Engineering 852 (July 21, 2020): 012128. http://dx.doi.org/10.1088/1757-899x/852/1/012128.

Full text
APA, Harvard, Vancouver, ISO, and other styles
21

Musyarofah, Sitta Rif’atul, and Rahadian Bisma. "Analisis kesenjangan sistem manajemen keamanan informasi (SMKI) sebagai persiapan sertifikasi ISO/IEC 27001:2013 pada institusi pemerintah." Teknologi 11, no. 1 (2021): 1–15. http://dx.doi.org/10.26594/teknologi.v11i1.2152.

Full text
Abstract:
The Madiun City Communication and Informatics Service (Diskominfo) is a government institution that has the responsibility for managing information and communication technology in the Madiun city government. As a government institution to serving and providing information to the public, Diskominfo Madiun City is vulnerable to information security threats that can hinder its performance. Information Security Management System ISO / IEC 2701: 2013 is a system that expected to be able to provide effectiveness and efficiency of information security management at Diskominfo Madiun city. This resear
APA, Harvard, Vancouver, ISO, and other styles
22

Sundari, Piski, and Wella Wella. "SNI ISO/IEC 27001 dan Indeks KAMI: Manajemen Risiko PUSDATIN (PUPR)." Ultima InfoSys : Jurnal Ilmu Sistem Informasi 12, no. 1 (2021): 35–42. http://dx.doi.org/10.31937/si.v12i1.1701.

Full text
Abstract:
Pusdatin of the Ministry of Public Works and Public Housing is an institution that manages data and information to support management within the ministry of public works. This research was conducted to evaluate the maturity of agencies prior to conducting an external audit of ISO 27001: 2013 certification. The method used in this research is PDCA (Plan-Do-Check-Act) using our index and ISO 27001, the technicality of this research starts from a check for analysis of current conditions, Act is carried out for assessment of the WE index, Plan compares our index results with ISO 27001, and Do cont
APA, Harvard, Vancouver, ISO, and other styles
23

Pradipta, Yudhistira Candra, Yani Rahardja, and Melkior Nikolar Ngalumsine Sitokdana. "AUDIT SISTEM MANAJEMEN KEAMANAN INFORMASI PUSAT TEKNOLOGI INFORMASI DAN KOMUNIKASI PENERBANGAN DAN ANTARIKSA (PUSTIKPAN) MENGGUNAKAN SNI ISO/IEC 27001:2013." Sebatik 23, no. 2 (2019): 352–58. http://dx.doi.org/10.46984/sebatik.v23i2.782.

Full text
Abstract:
Penerapan tata kelola Teknologi Informasi dan Komunikasi (TIK) saat ini sudah menjadi kebutuhan dan tuntutan di setiap instansi penyelenggara pelayanan publik mengingat peran TIK yang semakin penting bagi upaya peningkatan kualitas layanan sebagai salah satu realisasi dari tata kelola pemerintahan yang baik (Good Corporate Governance). Untuk maksud tersebut maka perlu dilakukan penelitian untuk mengaudit Sistem Manajemen Keamanan Informasi di Pusat Teknologi Informasi dan Komunikasi Penerbangan dan Antariksa (PUSTIKPAN) menggunakan ISO/IEC 27001:2013. Berdasarkan hasil penelitian tersebut dite
APA, Harvard, Vancouver, ISO, and other styles
24

Arruda, Paulo Cesar Andrade, Marcio Lima Da Silva, and Edilson Da Silva Pedro. "Um Estudo da Segurança da Informação na Propriedade Intelectual nas ICTs." Cadernos de Prospecção 13, no. 4 (2020): 1053. http://dx.doi.org/10.9771/cp.v13i4.29512.

Full text
Abstract:
<p>O presente estudo apresenta um panorama nacional e internacional dos controles relacionados à segurança da informação utilizados pelas Instituições de Ciência e Tecnologia (ICTs) em suas atividades relacionadas à Propriedade Intelectual. Para esta análise foram selecionadas Instituições de renome nacional e internacional. A metodologia utilizada tem como referencial as recomendações das normas ABNT NBR ISO/IEC 27001 e 27002 e permitiu mapear os principais controles adotados pelas ICTs, além de indicar as Instituições que possuem um Sistema de Gestão de Segurança da Informação (SGSI) m
APA, Harvard, Vancouver, ISO, and other styles
25

Mataracioglu, Tolga, and Sevgi Ozkan Yildirim. "Obstructions of Turkish Public Organizations Getting ISO/IEC 27001 Certified." International Journal of Managing Value and Supply Chains 5, no. 2 (2014): 1–10. http://dx.doi.org/10.5121/ijmvsc.2014.5201.

Full text
APA, Harvard, Vancouver, ISO, and other styles
26

الذنيبات, معاذ يوسف, عدنان عواد الشوابكة та خيرو خلف البقور. "دور عمليات إدارة الموارد البشرية في تحقيق الأمن المعلوماتي: دراسة تطبيقية على الجامعات الحكومية السعودية". Management & Economics Research Journal 2, № 3 (2020): 1–23. http://dx.doi.org/10.48100/merj.v2i3.107.

Full text
Abstract:
تهدف هذه الدراسة إلى الكشف واقع مساهمة وحدات إدارة الموارد البشرية في تحقيق الأمن المعلوماتي في الجامعات الحكومية السعودية من خلال فحص مدى التزامها بضوابط المواصفة العالمية لنظام إدارة أمن المعلومات ((ISO/IEC 27002:2013.
 اعتمدت الدراسة على طرق البحث النوعي، حيث تم تصميم قائمة فحص لجمع البيانات اللازمة للدراسة، باستخدام أسلوب المقابلات شبه المهيكلة، والملاحظة المباشرة، وفحص والوثائق المستخدمة بوحدات إدارة الموارد البشرية، كما تم استخدام أسلوب تحليل الفجوات لتحليل البيانات وفهم مدى امتثال وحدات إدارة الموارد البشرية في الجامعات التي شاركت في الدراسة لضوابط أمن المعلومات التي نصت عليها المو
APA, Harvard, Vancouver, ISO, and other styles
27

Lukitowati, Risma, and Kalamullah Ramli. "Assessing the Information Security Awareness of Employees in PT ABC Against International Organization for Standardization (ISO) 27001:2013." Journal of Computational and Theoretical Nanoscience 17, no. 2 (2020): 1441–46. http://dx.doi.org/10.1166/jctn.2020.8823.

Full text
Abstract:
The main purpose of information security is maintaining information assets that are owned by an organization, such as confidentiality, integrity, and availability (known as CIA). In maintaining information assets, a company usually manages information security by making and implementing an Information Security Management System (ISMS) policy. A widely used and applied ISMS policy in Indonesia is ISO/IEC 27001 (International Organization for Standardization/International Electrotechnical Commission). Indonesian telecommunications company PT ABC has implemented the ISO/IEC 27001:2013 standards a
APA, Harvard, Vancouver, ISO, and other styles
28

Kozhedub, Yuliia. "Modern aspects of updating international standards of series ISO/IEC 27000." Collection "Information technology and security" 4, no. 1 (2016): 20–26. http://dx.doi.org/10.20535/2411-1031.2016.4.1.95921.

Full text
APA, Harvard, Vancouver, ISO, and other styles
29

Rosa, Ferrucio De Franco, Mario Jino, Paulo Marcos Siqueira Bueno, and Rodrigo Bonacin. "Applying heuristics to the selection and prioritisation of security assessment items in software assessment: the case of ISO/IEC 27001 the case of ISO/IEC 27001." ACTA IMEKO 8, no. 2 (2019): 12. http://dx.doi.org/10.21014/acta_imeko.v8i2.624.

Full text
Abstract:
Security standards are essential instruments for security assessment. To create security assessment designs with suitable assessment items, we need to know the security aspects that are covered by a particular standard. We propose an approach to the selection and prioritisation of security assessment items. Assessment heuristics are proposed, aiming to increase the coverage of assessment dimensions and security characteristics in assessment designs. The main contribution of this paper to the field is the set of security assessment heuristics. Our approach can be applied to security standards i
APA, Harvard, Vancouver, ISO, and other styles
30

Maingak, Akmal Zaifullah, Candiwan Candiwan, and Listyo Dwi Harsono. "Information Security Assessment Using ISO/IEC 27001:2013 Standard on Government Institution." TRIKONOMIKA 17, no. 1 (2018): 28. http://dx.doi.org/10.23969/trikonomika.v17i1.1138.

Full text
Abstract:
The purpose of this research is to determine the existing gap to achieve ISO/IEC 27001:2013 certification and determine the maturity level of the information system owned by X Government Institution. The information system of X Government Institution would be assessed based on 14 clauses contained in ISO/IEC 27001: 2013. The method used is qualitative method, data collection and data validation with triangulation technique (interview, observation, and documentation). Data analysis used gap analysis and to measure the maturity level of this research used CMMI (Capability Maturity Model for Inte
APA, Harvard, Vancouver, ISO, and other styles
31

Maletić, Siniša. "IMPLEMENTACIJA SISTEMABEZBEDNOSTI INFORMACIJAISO/IEC 27001 U KOMPANIJI „FMS“ BEOGRAD, SA OSVRTOM NA PROCENU RIZIKA." Zbornik radova Fakulteta tehničkih nauka u Novom Sadu 34, no. 05 (2019): 822–24. http://dx.doi.org/10.24867/02gi06maletic.

Full text
Abstract:
U radu je opisana implementacija standarda ISO/IEC 27001 na primeru studije slučaja preduzeća „FMS" Beograd. Implementacijom ovog standarda obuhvaćena je procena rizika kao i primena svih kontrola u politici bezbednosti.
APA, Harvard, Vancouver, ISO, and other styles
32

Pardo, César, Francisco J. Pino, and Félix Garcia. "Towards an Integrated Management System (IMS), harmonizing the ISO/IEC 27001 and ISO/IEC 20000-2 standards." International Journal of Software Engineering and Its Applications 10, no. 9 (2016): 217–30. http://dx.doi.org/10.14257/ijseia.2016.10.9.18.

Full text
APA, Harvard, Vancouver, ISO, and other styles
33

Sari, Ira Prima, Muhammad Imam Basyiruddin, and Rukman Hertadi. "Bioconversion of Palm Oil into Biosurfactant by Halomonas meridiana BK-AB4 for the Application of Corrosion Inhibitor." Indonesian Journal of Chemistry 18, no. 4 (2018): 718. http://dx.doi.org/10.22146/ijc.27040.

Full text
Abstract:
Biosurfactant is environmentally friendly surfactant produced by a certain microorganism in a lipid-rich medium. A previous study has shown that Halomonas meridiana BK-AB4 had the potential of a moderately halophilic bacterium in converting olive oil into biosurfactant. In the present study, the effect of changing the carbon source from olive oil into cheaper and more abundant vegetable oil, which is palm oil, for the production of the biosurfactant was evaluated. The study began by optimizing the production medium with varying the nitrogen source, the concentration of palm oil and pH. The opt
APA, Harvard, Vancouver, ISO, and other styles
34

Paradise, Paradise, Kusrini Kusrini, and Asro Nasiri. "Audit Keamanan Aplikasi E-Cash Menggunakan Iso 27001." Creative Information Technology Journal 5, no. 4 (2020): 243. http://dx.doi.org/10.24076/citec.2018v5i4.209.

Full text
Abstract:
Mandiri e-cash adalah uang elektronik yang dikeluarkan oleh Bank Mandiri, berbasis server yang memanfaatkan teknologi aplikasi di handphone atau yang disebut sebagai uang tunai di handphone. Dalam pelaksanaannya, mandiri e-cash memberikan kemudahan kepada pengguna dalam proses transaksi keuangan, akan tetapi disamping itu banyak juga keluhan masyarakat akan maraknya tindak kejahatan dunia maya melalui mandiri e-cash. Keamanan adalah hal penting yang harus diperhatikan oleh pihak bank, mengingat pentingnya data-data yang ada pada aplikasi ini. Untuk mengukur keamanan informasi tersebut penulis
APA, Harvard, Vancouver, ISO, and other styles
35

Krawczyk-Jezierska, Agnieszka, and Jarosław Jezierski. "Zastosowanie normy ISO/EIC 27001 w sektorze finansowym — zakres i korzyści." Ekonomia 24, no. 2 (2018): 107–21. http://dx.doi.org/10.19195/2084-4093.24.2.8.

Full text
Abstract:
Application of ISO/EIC 27001 in the financial sector — scope and benefitsIn the face of technological advances and, as a result, the increasing threat of the loss of growing amount of data collected by financial institutions, it seems necessary to employ effective security measures in the process of information management. The necessity to implement information security management systems ISMS by all institutions processing personal data is reflected in national legislation. The requirements resulting from contemporary hazards and legal provisions are concurrent with the requirements of the in
APA, Harvard, Vancouver, ISO, and other styles
36

Muthaiyah, Saravanan, and Thein Oak Kyaw Zaw. "ISO/IEC 27001 Implementation in SMEs: Investigation on Management of Information Assets." Indian Journal of Public Health Research & Development 9, no. 12 (2018): 2631. http://dx.doi.org/10.5958/0976-5506.2018.02112.5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
37

ChiChang Chang, PeiRan Sun, KuoHsiung Liao, and YiFen Chen. "Evaluating the ISO/IEC 27001 with Experts' Knowledge for Taiwanese Medical Center." Journal of Convergence Information Technology 6, no. 10 (2011): 63–70. http://dx.doi.org/10.4156/jcit.vol6.issue10.9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
38

Гаршина, Вероника Викторовна, Вячеслав Алексеевич Степанцов та Анастасия Юрьевна Данковцева. "Семантический анализ информационных рисков и угроз на основе онтологии стандарта ISO/IEC 27001". Вестник ВГУ. Серия: Системный анализ и информационные технологии, № 4 (30 серпня 2018): 73–80. http://dx.doi.org/10.17308/sait.2018.4/1255.

Full text
Abstract:
В статье представлена реализация онтологического подхода к моделированию смысловых закономерностей для управления информационной безопасностью компании на основе стандарта ISO/IEC 27001. Предложена технологическая платформа разработки, базирующаяся на универсальных стандартах и использующая свободно-распространяемое ПО, на базе которой реализован прототип системы семантического анализа информационных рисков и угроз.
APA, Harvard, Vancouver, ISO, and other styles
39

Sanskriti Choubey and Astitwa Bhargava. "Significance of ISO/IEC 27001 in the Implementation of Governance, Risk and Compliance." International Journal of Scientific Research in Network Security and Communication 6, no. 2 (2018): 30–33. http://dx.doi.org/10.26438/ijsrnsc/v6i2.3033.

Full text
APA, Harvard, Vancouver, ISO, and other styles
40

Cruz-Gavilánez, Yolanda de la N., and Carlos J. Martinez-Santander. "ISO / IEC 27001 aseguramiento de la calidad de la información: Línea de tiempo." Polo del Conocimiento 3, no. 6 (2018): 478. http://dx.doi.org/10.23857/pc.v3i6.641.

Full text
Abstract:
<p style="text-align: justify;">En la actualidad los datos son esenciales en la vida cotidiana de todas las personas, empresas, organizaciones, entre otras. Desafortunadamente el riesgo de fraude cada vez es mayor. Ciberataques, hacking de los datos digitales, perdida de información se ha convertido en algo común de esta década. La aparición de nuevos sistemas acoplados a la parte industrial, de salud, energía, servicios básicos. Los han convertido en infraestructuras críticas, si incurre un ataque, puede traer consigo la paralización de una ciudad, además de las pérdidas económicas. Por
APA, Harvard, Vancouver, ISO, and other styles
41

Afrianto, Irawan, Taryana Suryana, and Sufa’atin Sufa’atin. "Pengukuran dan Evaluasi Keamanan Informasi Menggunakan Indeks KAMI - SNI ISO/IEC 27001:2009." Jurnal ULTIMA InfoSys 6, no. 1 (2015): 43–49. http://dx.doi.org/10.31937/si.v6i1.278.

Full text
Abstract:
Information is a valuable asset for the college. The need for safeguards against information becomes very necessary thing for a college. One standard that can be used to measure the maturity level of information security in an organization is the KAMI index developed by Depkominfo standards refer to ISO standard ISO / IEC 27001: 2009. This assessment is used to see how far the maturity level of information security in the college environment, which results can be used as a medium for evaluation in order to improve the information security of the college in the future.
 Index Terms - Asses
APA, Harvard, Vancouver, ISO, and other styles
42

Ahler, Ekaterina. "The ISO/IEC 27001 standard provides a systematic approach to information security management." Upravlenie kachestvom (Quality management), no. 1 (January 1, 2021): 36–38. http://dx.doi.org/10.33920/pro-1-2101-07.

Full text
Abstract:
The company's information security is not only compliance with a set of IT security measures, but also the correct choice of the appropriate standard. Let's look at what standards are aimed at ensuring the information security of the company.
APA, Harvard, Vancouver, ISO, and other styles
43

Tanaamah, Andeka Rocky, and Friska Juliana Indira. "Analysis of Information Technology Security Management UKSW SIASAT Using ISO/IEC 27001:2013." IJITEE (International Journal of Information Technology and Electrical Engineering) 5, no. 2 (2021): 68. http://dx.doi.org/10.22146/ijitee.65670.

Full text
Abstract:
IT security management is essential for organizations to notice the occurring risks and opportunities because they will profoundly affect the ongoing business processes within the organization. The Satya Wacana Academic Information System, more often called SIASAT, is an IT component playing an essential role in running core business processes at Satya Wacana Christian University under the control of the Information Systems and Technology Bureau. At this time, the implementation of SIASAT has been going well, but there are still some obstacles. Lack of human resources is one of the findings an
APA, Harvard, Vancouver, ISO, and other styles
44

Putra, Mardi Yudhi, and Djajasukma Tjahjadi. "Evaluasi Keamanan Informasi Pada Perguruan Tinggi Bina Insani Berdasarkan Indeks Keamanan Informasi SNI ISO/IEC 27001." PIKSEL : Penelitian Ilmu Komputer Sistem Embedded and Logic 6, no. 1 (2018): 95–104. http://dx.doi.org/10.33558/piksel.v6i1.1404.

Full text
Abstract:
Abstract
 
 Efforts to improve information security are so important to an organization that not only in planning but up to the stage of information security. In reality, there is a lack of awareness of the organization of its importance that it causes the occurrence of security issues such as spam so that it affects the business process of the organization. This study examines the evaluation of the completeness (readiness and maturity) of the Information Security Management System (SMKI) at the Private Higher Education Institution of Bina Insani as measured using the Information Sec
APA, Harvard, Vancouver, ISO, and other styles
45

Al-Masri, Nidal, and Mhammed El.agha. "Competitiveness of Regulatory Justice at Palestinian Universities when Practicing Information Security Standard (ISO/IEC 27002) in Light of Regulatory Symmetry: A Strategic Developmental Practical Proposal." Arab Journal for Quality Assurance and Higher Education 11, no. 35 (2018): 3–36. http://dx.doi.org/10.20428/ajqahe.11.35.1.

Full text
APA, Harvard, Vancouver, ISO, and other styles
46

Rabii, Anass, Saliha Assoul, Khadija Ouazzani Touhami, and Ounsa Roudies. "Information and cyber security maturity models: a systematic literature review." Information & Computer Security 28, no. 4 (2020): 627–44. http://dx.doi.org/10.1108/ics-03-2019-0039.

Full text
Abstract:
Purpose This paper aims to clarify the uncertainty reflected in the current state of information security maturity evaluation where it has not enough matured and converged so that a generic approach or many specfics approaches become the go-to choice. In fact, in the past decade, many secruity maturity models are still being produced and remain unproven regardless of the existence of ISO 21827. Design/methodology/approach The authors have used the systematic literature review to summarize existing research, help identify gaps in the existing literature and provide background for positioning ne
APA, Harvard, Vancouver, ISO, and other styles
47

Culot, Giovanna, Guido Nassimbeni, Matteo Podrecca, and Marco Sartor. "The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda." TQM Journal 33, no. 7 (2021): 76–105. http://dx.doi.org/10.1108/tqm-09-2020-0202.

Full text
Abstract:
PurposeAfter 15 years of research, this paper aims to present a review of the academic literature on the ISO/IEC 27001, the most renowned standard for information security and the third most widespread ISO certification. Emerging issues are reframed through the lenses of social systems thinking, deriving a theory-based research agenda to inspire interdisciplinary studies in the field.Design/methodology/approachThe study is structured as a systematic literature review.FindingsResearch themes and sub-themes are identified on five broad research foci: relation with other standards, motivations, i
APA, Harvard, Vancouver, ISO, and other styles
48

Tiszolczi, Balázs Gergely. "Fizikai biztonsági kontrollok tervezésének és alkalmazásának gyakorlata az ISO/IEC 27001 szabvány elvárásainak tükrében." Magyar Rendészet 19, no. 2-3 (2019): 233–49. http://dx.doi.org/10.32577/mr.2019.2-3.12.

Full text
Abstract:
Az információ és az információs rendszerek megfelelő védelme körültekintő tervezést és számos kontroll implementálását igényli a vállalkozások részéről, amelynek sok esetben valamely információbiztonsági keretrendszer, legtöbbször az ISO/IEC 27001 nemzetközi szabvány bevezetésével tesznek eleget. A szabvány rendelkezései közt hangsúlyosan foglalkozik többek közt az információs rendszerek fizikai védelmének kialakításával. Jelen tanulmány olyan tervezési, üzemeltetési megfontolásokat tárgyal, amely segíthet, hogy a felelős szakemberek a szabvány elvárásainak megfelelő fizikai biztonsági rendsze
APA, Harvard, Vancouver, ISO, and other styles
49

Maquera Quispe, Henry George, and Paola Nhataly Serpa Guillermo. "GESTIÓN DE ACTIVOS BASADO EN ISO/IEC 27002 PARA GARANTIZAR SEGURIDAD DE LA INFORMACIÓN." Ciencia & Desarrollo, no. 21 (June 11, 2019): 100–112. http://dx.doi.org/10.33326/26176033.2017.21.736.

Full text
Abstract:
Muchas empresas carecen de controles de seguridad por lo que no pueden garantizar la seguridad de la información.El avance tecnológico y una gestión de la información, cada vez más compleja traen consigo la presencia de diversostipos de amenaza que buscan reducir los niveles de servicio de los activos del área de proyectos digitales del Grupode Periodismo Digital (GPD). Esta investigación se encaminó a la implementación y utilización de mecanismos de control para la gestión de activos basada en la norma internacional ISO/IEC 27002 bajo el objetivo de evaluar los niveles de seguridad en los act
APA, Harvard, Vancouver, ISO, and other styles
50

Andriana, Myra, Irwan Sembiring, and Kristoko Dwi Hartomo. "SOP of Information System Security on Koperasi Simpan Pinjam Using ISO/IEC 27002:2013." Jurnal Transformatika 18, no. 1 (2020): 25. http://dx.doi.org/10.26623/transformatika.v18i1.2020.

Full text
APA, Harvard, Vancouver, ISO, and other styles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!