Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio

Bayona Sussy; Chauca Wilber; Lopez Milagros; Maldonado Carlos

doi:10.1109/CISTI.2015.7170355

Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio

Bayona Sussy, Chauca Wilber, Lopez Milagros, Maldonado Carlos

Resultado de la investigación: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

5 Citas (Scopus)

Resumen

In recent years, due to the intensive use of information technology, the information security has become a crucial and strategic issue in organizational management. Various standards and guidelines for security information as ISO/IEC 27001, ISO/IEC 27002, and COBIT have been developed; however, organizations still face difficulties in their implementation. This paper presents the current situation of the ISO/IEC 27001 implementation process in Peruvian public organizations. As a result of literature review, the critical success factors for successful implementation of ISO/IEC 7001 were identified. Furthermore, it was conducted a review of the ISO/IEC 27001 implementation in five organizations, taking into consideration the critical success factors identified. From the results obtained, it is concluded that there is the need for considering not only technical, legal, and organizational issues but also factors related to people such as training, knowledge and awareness raising in order to get success of information security management.

Título traducido de la contribución	ISO/IEC 27001 implementation in public organizations: A case study
Idioma original	Español
Título de la publicación alojada	2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015
Editorial	Institute of Electrical and Electronics Engineers Inc.
ISBN (versión digital)	9789899843455
DOI	https://doi.org/10.1109/CISTI.2015.7170355
Estado	Publicada - 28 jul. 2015
Publicado de forma externa	Sí
Evento	10th Iberian Conference on Information Systems and Technologies, CISTI 2015 - Aveiro, Portugal Duración: 17 jun. 2015 → 20 jun. 2015

Serie de la publicación

Nombre	2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015

Conferencia

Conferencia	10th Iberian Conference on Information Systems and Technologies, CISTI 2015
País/Territorio	Portugal
Ciudad	Aveiro
Período	17/06/15 → 20/06/15

Palabras clave

critical success factors
information security management system
ISMS
NTP ISO/IEC 27001

Acceder al documento

10.1109/CISTI.2015.7170355

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

Sussy, B., Wilber, C., Milagros, L., & Carlos, M. (2015). Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio. En 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 [7170355] (2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CISTI.2015.7170355

Sussy, Bayona ; Wilber, Chauca ; Milagros, Lopez et al. / Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio. 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015. Institute of Electrical and Electronics Engineers Inc., 2015. (2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015).

@inproceedings{1c70990d79f84200bf839be652a74a56,

title = "Implementaci{\'o}n de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio",

abstract = "In recent years, due to the intensive use of information technology, the information security has become a crucial and strategic issue in organizational management. Various standards and guidelines for security information as ISO/IEC 27001, ISO/IEC 27002, and COBIT have been developed; however, organizations still face difficulties in their implementation. This paper presents the current situation of the ISO/IEC 27001 implementation process in Peruvian public organizations. As a result of literature review, the critical success factors for successful implementation of ISO/IEC 7001 were identified. Furthermore, it was conducted a review of the ISO/IEC 27001 implementation in five organizations, taking into consideration the critical success factors identified. From the results obtained, it is concluded that there is the need for considering not only technical, legal, and organizational issues but also factors related to people such as training, knowledge and awareness raising in order to get success of information security management.",

keywords = "critical success factors, information security management system, ISMS, NTP ISO/IEC 27001",

author = "Bayona Sussy and Chauca Wilber and Lopez Milagros and Maldonado Carlos",

note = "Publisher Copyright: {\textcopyright} 2015 AISTI. Copyright: Copyright 2015 Elsevier B.V., All rights reserved.; 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 ; Conference date: 17-06-2015 Through 20-06-2015",

year = "2015",

month = jul,

day = "28",

doi = "10.1109/CISTI.2015.7170355",

language = "Espa{\~n}ol",

series = "2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015",

address = "Estados Unidos",

}

Sussy, B, Wilber, C, Milagros, L & Carlos, M 2015, Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio. En 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015., 7170355, 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015, Institute of Electrical and Electronics Engineers Inc., 10th Iberian Conference on Information Systems and Technologies, CISTI 2015, Aveiro, Portugal, 17/06/15. https://doi.org/10.1109/CISTI.2015.7170355

Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio. / Sussy, Bayona; Wilber, Chauca; Milagros, Lopez et al.
2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015. Institute of Electrical and Electronics Engineers Inc., 2015. 7170355 (2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015).

Resultado de la investigación: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

TY - GEN

T1 - Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio

AU - Sussy, Bayona

AU - Wilber, Chauca

AU - Milagros, Lopez

AU - Carlos, Maldonado

PY - 2015/7/28

Y1 - 2015/7/28

N2 - In recent years, due to the intensive use of information technology, the information security has become a crucial and strategic issue in organizational management. Various standards and guidelines for security information as ISO/IEC 27001, ISO/IEC 27002, and COBIT have been developed; however, organizations still face difficulties in their implementation. This paper presents the current situation of the ISO/IEC 27001 implementation process in Peruvian public organizations. As a result of literature review, the critical success factors for successful implementation of ISO/IEC 7001 were identified. Furthermore, it was conducted a review of the ISO/IEC 27001 implementation in five organizations, taking into consideration the critical success factors identified. From the results obtained, it is concluded that there is the need for considering not only technical, legal, and organizational issues but also factors related to people such as training, knowledge and awareness raising in order to get success of information security management.

AB - In recent years, due to the intensive use of information technology, the information security has become a crucial and strategic issue in organizational management. Various standards and guidelines for security information as ISO/IEC 27001, ISO/IEC 27002, and COBIT have been developed; however, organizations still face difficulties in their implementation. This paper presents the current situation of the ISO/IEC 27001 implementation process in Peruvian public organizations. As a result of literature review, the critical success factors for successful implementation of ISO/IEC 7001 were identified. Furthermore, it was conducted a review of the ISO/IEC 27001 implementation in five organizations, taking into consideration the critical success factors identified. From the results obtained, it is concluded that there is the need for considering not only technical, legal, and organizational issues but also factors related to people such as training, knowledge and awareness raising in order to get success of information security management.

KW - critical success factors

KW - information security management system

KW - ISMS

KW - NTP ISO/IEC 27001

UR - http://www.scopus.com/inward/record.url?scp=84943327926&partnerID=8YFLogxK

U2 - 10.1109/CISTI.2015.7170355

DO - 10.1109/CISTI.2015.7170355

M3 - Contribución a la conferencia

AN - SCOPUS:84943327926

T3 - 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015

BT - 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 10th Iberian Conference on Information Systems and Technologies, CISTI 2015

Y2 - 17 June 2015 through 20 June 2015

ER -

Sussy B, Wilber C, Milagros L, Carlos M. Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio. En 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015. Institute of Electrical and Electronics Engineers Inc. 2015. 7170355. (2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015). doi: 10.1109/CISTI.2015.7170355

Implementación de la NTP ISO/IEC 27001 en las Instituciones Publicas:Caso de Estudio

Resumen

Serie de la publicación

Conferencia

Palabras clave

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto