Mariana Gerber, Rossouw von Solms,
... compliance issues, as referred to by ISO/IEC 27002 (ISO/IEC 27002, 2005; previously known as ISO/IEC 17799, 2005). ISO/IEC 27002 further mentions three sources from which information security ... information security controls from the list provided in ISO/IEC 27002, to satisfy the identified legal requirements.
Tópico(s): Cybercrime and Law Enforcement Studies
2008 - Elsevier BV | Computers & Security
Francis Akowuah, Xiaohong Yuan, Jinsheng Xu, Hong Wang,
... for Information and related Technology (COBIT), ISO/IEC 27002:2005, ISO/IEC 27001:2005, NIST Special Publication 800-53, ISO ...
Tópico(s): Access Control and Trust
2013 - Taylor & Francis | International Journal of Information Security and Privacy
... that use cloud computing services with vendors. The ISO/IEC 27002 security standard is based on a management systems ... security in a cloud computing environment using the ISO/IEC 27002 framework. INTRODUCTION Cloud computing is one of the ... business needs of an organization (Urquhart, 2010). The ISO/IEC 27002 framework does not have any mandatory requirements and ... available security measures discussed in section 3. The ISO/IEC 27002 framework is explained in section 4. The application of the ISO/IEC 27002 framework to the cloud environment is described in ...
Tópico(s): Cloud Data Security Solutions
2012 - Allied Academies | Academy of Information and Management Sciences journal
Produção Nacional
Revisado por pares
... IT management. This document analyzes ITIL, COBIT and ISO/IEC 27002 methodologies through literature review, highlighting their similarities and ... which uses a combination of ITIL, COBIT and ISO/IEC 27002 that can be used by any organization as ...
Tópico(s): Big Data and Business Intelligence
2012 - Serviço Nacional de Aprendizagem Comercial | Navus - Revista de Gestão e Tecnologia
Produção Nacional
Revisado por pares
... IT management. This document analyzes ITIL, COBIT and ISO/IEC 27002 methodologies through literature review, highlighting their similarities and ... which uses a combination of ITIL, COBIT and ISO/IEC 27002 that can be used by any organization as ...
Tópico(s): Information Technology Governance and Strategy
2012 - Serviço Nacional de Aprendizagem Comercial | Navus - Revista de Gestão e Tecnologia
Vasiliki Diamantopoulou, Aggeliki Tsohou, Maria Karyda,
... controls provisioned in ISO/IEC 27001:2013 and ISO/IEC 27002:2013 that need to be extended in order to adequately meet, if/where possible, the data protection requirements that the GDPR imposes. Thus, an organisation that already follows ISO/IEC 27001:2013, can use this work as a ...
Tópico(s): Digitalization, Law, and Regulation
2020 - Springer Science+Business Media | Lecture notes in computer science
... approach to pooling the references ITIL, COBIT with ISO / IEC 27002 for better use of the ITG in the ...
Tópico(s): Information Technology Governance and Strategy
2017 - | International Journal of Computer Science Issues
Sarah Landolt, J. David Hirschel, Thomas Schlienger, Walter Businger, Alex M. Zbinden,
... ISO) and the International Electrotechnical Commission (IEC) standard ISO/IEC 27002, evaluating Information technology - Security techniques - Code of practice ... participation. To group the analyzed controls of the ISO/IEC standard 27002 in a meaningful way, a factor analysis was ...
Tópico(s): Electronic Health Records Systems
2012 - JMIR Publications | Interactive Journal of Medical Research
Francisco Javier Valencia Duque, Mauricio Orozco‐Alzate,
... 27001, los controles de seguridad presentados en la ISO/ IEC 27002, el esquema de riesgos de la ISO/IEC 27005 y los pasos recomendados en la ISO/ ...
Tópico(s): Occupational Health and Safety in Workplaces
2017 - AISTI | RISTI - Revista Ibérica de Sistemas e Tecnologias de Informação
Antoni‐Lluís Mesquida, Antònia Mas,
... IEC 15504-5 software development base practices and ISO/IEC 27002 security controls have been analysed and the ISO/IEC 15504 Security Extension has been developed. This extension ...
Tópico(s): Software Engineering Techniques and Practices
2014 - Elsevier BV | Computers & Security
Produção Nacional
Revisado por pares
Orlivaldo Kléber Lima Rios, José Gilson de Almeida Teixeira Filho, Vânia Patrícia da Silva Rios,
... Security, ITIL v3 Service Design, controles da ABNT ISO/IEC 27002:2103, pesquisas acadêmicas, literatura relacionada a segurança da ...
Tópico(s): Brazilian Legal Issues
2017 - | Revista Gestão & Tecnologia
Vasiliki Diamantopoulou, Aggeliki Tsohou, Maria Karyda,
... controls provisioned in ISO/IEC 27001:2013 and ISO/IEC 27002:2013 that need to be extended to adequately meet, data protection requirements set by the General Data Protection Regulation (GDPR); it also indicates security management actions an organisation needs to perform to fulfil GDPR requirements. Thus, ISO/IEC 27001:2013 compliant organisations, can use this paper ...
Tópico(s): Privacy-Preserving Technologies in Data
2020 - Emerald Publishing Limited | Information and Computer Security
Ganthan Narayana Samy, Rabiah Ahmad, Zuraini Ismail,
... threats according to major threat categories based on ISO/IEC 27002 (ISO 27799:2008). The results show that the ...
Tópico(s): Data Quality and Management
2010 - SAGE Publishing | Health Informatics Journal
... Google App Engine Platform is assessed based on ISO/IEC 27002 and OWASP Top 10 Risk List in this ...
Tópico(s): IoT and Edge/Fog Computing
2011 - IGI Global | International Journal of Grid and High Performance Computing
Robert van Wessel, Yang Xu, Henk de Vries,
... for information security management, ISO/IEC 27001 and ISO/IEC 27002 originate from the UK, but are applied worldwide. ...
Tópico(s): Cybersecurity and Cyber Warfare Studies
2011 - Taylor & Francis | Technology Analysis and Strategic Management
Tópico(s): Library Science and Administration
2014 - Japan Science and Technology Agency | Journal of Information Processing and Management
Produção Nacional
Evandro Alencar Rigon, Carla Merkle Westphall, Daniel Ricardo dos Santos, Carlos Becker Westphall,
... Findings – This model, based on controls present in ISO/IEC 27002, provides a means to measure the current situation ...
Tópico(s): Software Engineering Techniques and Practices
2014 - Emerald Publishing Limited | Information Management & Computer Security
... practices and maps their processes to ITIL. CobiT, ISO/IEC 27002-2005, Six Sigma, TOGAF, eTOM, CMMI, PCI DSS ...
Tópico(s): Big Data and Business Intelligence
2013 - Science Publications | Journal of Computer Science
Diana Lizeth Carvajal Portilla, Arturo Cardona Londoño, Francisco Javier Valencia Duque,
... la información (ISO/IEC 27001:2013, ISO/IEC 27002:2013, ISO/IEC 27003:2010 e ISO/IEC 27005:2008) y ...
Tópico(s): Occupational Health and Safety in Workplaces
2019 - | Entre ciencia e ingeniería
Josefina Gutiérrez-Martínez, Marco Antonio Núñez-Gaona, Heriberto Aguirre-Meneses,
... a business model that accomplishes the controls of ISO/IEC 27002:2013 standard and criteria of security and privacy ...
Tópico(s): Digital and Cyber Forensics
2015 - Springer Science+Business Media | Journal of Digital Imaging
Daniel Woods, Ioannis Agrafiotis, Jason R. C. Nurse, Sadie Creese,
... analysed forms corresponds to the controls defined in ISO/IEC 27002 and the CIS Critical Security Controls; these two ...
Tópico(s): Network Security and Intrusion Detection
2017 - Springer Science+Business Media | Journal of Internet Services and Applications
Luís Pereira de Almeida, Ana Respício,
... using the standards ISO/IEC 27001:2013 and ISO/IEC 27002:2013 to support the identification of vulnerabilities/threats ...
Tópico(s): Advanced Malware Detection Techniques
2018 - Taylor & Francis | Journal of Decision System
Mohammad Shakibazad, Ali Jabbar Rashidi,
... Objectives for Information and Related Technology) [31] and ISO/IEC 27002 [32], fail to provide managers with a clear ...
Tópico(s): Advanced Malware Detection Techniques
2019 - Institution of Engineering and Technology | IET Information Security
... ANP) process. The proposed approach is applied using ISO/IEC 27002 (ISO 27002) standard and some other important features ...
Tópico(s): Big Data and Business Intelligence
2020 - Hindawi Publishing Corporation | Security and Communication Networks
Erik Bergström, Fredrik Karlsson, Rose‐Mharie Åhlfeldt,
... method draws on established standards, such as the ISO/IEC 27002 and information classification practices. The long-term goal ...
Tópico(s): Data Quality and Management
2020 - Emerald Publishing Limited | Information and Computer Security
Diah Sulistyowati, Fitri Handayani, Yohan Suryanto,
Data or Information security in today's digital era is crucial in every organization that needs to pay attention. Management of organizational information is one of the components in realizing Good Corporate Governance. The measure of an adequate level of protection is an indicator of the cybersecurity awareness aspects of an organization's business processes in the short, medium, and long term, especially in the field that deals with information and communication technology (ICT). To make this happen, ...
Tópico(s): Information and Cyber Security
2020 - State Polytechnics of Andalas | JOIV International Journal on Informatics Visualization
Christopher Schmitz, Michael Schmid, David Harborth, Sebastian Pape,
... where security experts assessed a subset of the ISO/IEC 27002 security controls for a hypothetical scenario using the ...
Tópico(s): Software Engineering Research
2021 - Elsevier BV | Computers & Security
Masike Malatji, Annlizé L. Marnewick, Suné von Solms,
... guidelines, such as COBIT®, CIS®, ISA/IEC 62443, ISO/IEC 27002 and NIST Special Publication 800-53. Practical implications ...
Tópico(s): Network Security and Intrusion Detection
2021 - Emerald Publishing Limited | Information and Computer Security
Myra Andriana, Irwan Sembiring, Kristoko Dwi Hartomo,
... compiled in this study are based on the ISO/IEC 27002:2013 framework. The method used is qualitative with ...
Tópico(s): Information Retrieval and Data Mining
2020 - Universitas Semarang | Jurnal Transformatika
Wenyuan Wang, Sira Yongchareon,
... Security Alliance (CSA) with the security clauses in ISO/IEC 27002:2013 to give a comprehensive analysis of those ...
Tópico(s): Digital and Cyber Forensics
2020 - Emerald Publishing Limited | International Journal of Web Information Systems