Resumen
In recent years, due to the intensive use of information technology, the information security has become a crucial and strategic issue in organizational management. Various standards and guidelines for security information as ISO/IEC 27001, ISO/IEC 27002, and COBIT have been developed; however, organizations still face difficulties in their implementation. This paper presents the current situation of the ISO/IEC 27001 implementation process in Peruvian public organizations. As a result of literature review, the critical success factors for successful implementation of ISO/IEC 7001 were identified. Furthermore, it was conducted a review of the ISO/IEC 27001 implementation in five organizations, taking into consideration the critical success factors identified. From the results obtained, it is concluded that there is the need for considering not only technical, legal, and organizational issues but also factors related to people such as training, knowledge and awareness raising in order to get success of information security management.
Título traducido de la contribución | ISO/IEC 27001 implementation in public organizations: A case study |
---|---|
Idioma original | Español |
Título de la publicación alojada | 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 |
Editorial | Institute of Electrical and Electronics Engineers Inc. |
ISBN (versión digital) | 9789899843455 |
DOI | |
Estado | Publicada - 28 jul. 2015 |
Publicado de forma externa | Sí |
Evento | 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 - Aveiro, Portugal Duración: 17 jun. 2015 → 20 jun. 2015 |
Serie de la publicación
Nombre | 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 |
---|
Conferencia
Conferencia | 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 |
---|---|
País/Territorio | Portugal |
Ciudad | Aveiro |
Período | 17/06/15 → 20/06/15 |
Nota bibliográfica
Publisher Copyright:© 2015 AISTI.
Palabras clave
- ISMS
- NTP ISO/IEC 27001
- critical success factors
- information security management system