Resumen
The ISO 27001 standard is a crucial framework for establishing Information Security Management Systems (ISMS) in organizations, irrespective of their size or sector. Its core objective is safeguarding information confidentiality, integrity, and availability through security controls and regular audits. ISO 27001 certification assures stakeholders of effective security control implementation and sensitive data management. Implementing ISO 27001 is ideal for ensuring information security but can be cost-prohibitive due to the need for process improvements, role adaptations, and a lengthy implementation process. Smaller organizations, such as SMEs, often struggle to afford the associated expenses. Consequently, many organizations opt for practical yet incomplete information security solutions. However, adopting ISO 27001 can be a valuable tool for managing information security without incurring substantial costs. This research explores how organizations can utilize ISO 27001 as a strategic tool to enhance information security management without immediate full-scale implementation. This approach provides a stepping stone towards eventual ISO 27001 certification, allowing organizations to gradually improve their information security capabilities while managing costs effectively.
Idioma original | Inglés |
---|---|
Título de la publicación alojada | Advances in Information and Communication - Proceedings of the 2024 Future of Information and Communication Conference FICC |
Editores | Kohei Arai |
Editorial | Springer Science and Business Media Deutschland GmbH |
Páginas | 197-207 |
Número de páginas | 11 |
ISBN (versión impresa) | 9783031539626 |
DOI | |
Estado | Publicada - 2024 |
Evento | Future of Information and Communication Conference, FICC 2024 - Berlin, Alemania Duración: 4 abr. 2024 → 5 abr. 2024 |
Serie de la publicación
Nombre | Lecture Notes in Networks and Systems |
---|---|
Volumen | 920 LNNS |
ISSN (versión impresa) | 2367-3370 |
ISSN (versión digital) | 2367-3389 |
Conferencia
Conferencia | Future of Information and Communication Conference, FICC 2024 |
---|---|
País/Territorio | Alemania |
Ciudad | Berlin |
Período | 4/04/24 → 5/04/24 |
Nota bibliográfica
Publisher Copyright:© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.