Abstract
In recent years, due to the intensive use of information technology, the information security has become a crucial and strategic issue in organizational management. Various standards and guidelines for security information as ISO/IEC 27001, ISO/IEC 27002, and COBIT have been developed; however, organizations still face difficulties in their implementation. This paper presents the current situation of the ISO/IEC 27001 implementation process in Peruvian public organizations. As a result of literature review, the critical success factors for successful implementation of ISO/IEC 7001 were identified. Furthermore, it was conducted a review of the ISO/IEC 27001 implementation in five organizations, taking into consideration the critical success factors identified. From the results obtained, it is concluded that there is the need for considering not only technical, legal, and organizational issues but also factors related to people such as training, knowledge and awareness raising in order to get success of information security management.
Translated title of the contribution | ISO/IEC 27001 implementation in public organizations: A case study |
---|---|
Original language | Spanish |
Title of host publication | 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
ISBN (Electronic) | 9789899843455 |
DOIs | |
State | Published - 28 Jul 2015 |
Externally published | Yes |
Event | 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 - Aveiro, Portugal Duration: 17 Jun 2015 → 20 Jun 2015 |
Publication series
Name | 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 |
---|
Conference
Conference | 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 |
---|---|
Country/Territory | Portugal |
City | Aveiro |
Period | 17/06/15 → 20/06/15 |
Bibliographical note
Publisher Copyright:© 2015 AISTI.