ISO/IEC 27001 implementation in public organizations: A case study

Bayona Sussy, Chauca Wilber, Lopez Milagros, Maldonado Carlos

Research output: Contribution to conferencePaper

3 Scopus citations

Abstract

© 2015 AISTI. In recent years, due to the intensive use of information technology, the information security has become a crucial and strategic issue in organizational management. Various standards and guidelines for security information as ISO/IEC 27001, ISO/IEC 27002, and COBIT have been developed; however, organizations still face difficulties in their implementation. This paper presents the current situation of the ISO/IEC 27001 implementation process in Peruvian public organizations. As a result of literature review, the critical success factors for successful implementation of ISO/IEC 7001 were identified. Furthermore, it was conducted a review of the ISO/IEC 27001 implementation in five organizations, taking into consideration the critical success factors identified. From the results obtained, it is concluded that there is the need for considering not only technical, legal, and organizational issues but also factors related to people such as training, knowledge and awareness raising in order to get success of information security management.
Original languageAmerican English
DOIs
StatePublished - 1 Jan 2015
Event2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 -
Duration: 28 Jul 2015 → …

Conference

Conference2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015
Period28/07/15 → …

Fingerprint Dive into the research topics of 'ISO/IEC 27001 implementation in public organizations: A case study'. Together they form a unique fingerprint.

  • Cite this

    Sussy, B., Wilber, C., Milagros, L., & Carlos, M. (2015). ISO/IEC 27001 implementation in public organizations: A case study. Paper presented at 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015, . https://doi.org/10.1109/CISTI.2015.7170355