When can we talk about implementing an Information Security Management System, according to ISO 27001?
Main Article Content
Abstract
Information Technology is developing at a high pace, but it remains vulnerable to various threats
targeting its integrity, confidentiality and availability. Each organization or institution projects its strategic vision for security concerns by focusing on the information system and risk management. Information security or ISMS is at the heart of this strategy and has become a major issue in information systems management. To this end, it is necessary to know and understand the subject of the implementation of an Information Security Management System according to ISO 27001, which aims to protect any institution or organization from possible loss, theft or alteration of data. This procedure not only defends and preserves the computer systems against intrusions or disasters but also ensures its survival. This standard gives the conceptual good practices which are established to supplement the technical measures thanks to its security norm ISO27002, in order to ensure a full-fledged security... Therefore, it is recommended to implement an ISMS based on ISO 27001 when risks related to the security of the company's data could come up.
Downloads
Metrics
Article Details
Licensing
TURCOMAT publishes articles under the Creative Commons Attribution 4.0 International License (CC BY 4.0). This licensing allows for any use of the work, provided the original author(s) and source are credited, thereby facilitating the free exchange and use of research for the advancement of knowledge.
Detailed Licensing Terms
Attribution (BY): Users must give appropriate credit, provide a link to the license, and indicate if changes were made. Users may do so in any reasonable manner, but not in any way that suggests the licensor endorses them or their use.
No Additional Restrictions: Users may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.