首页    期刊浏览 2024年11月28日 星期四
登录注册

文章基本信息

  • 标题:A Model of an Information Security Management System Based on NTC-ISO/IEC 27001 Standard
  • 本地全文:下载
  • 作者:Omar A. Fonseca-Herrera ; Alix E. Rojas ; Hector Florez
  • 期刊名称:IAENG International Journal of Computer Science
  • 印刷版ISSN:1819-656X
  • 电子版ISSN:1819-9224
  • 出版年度:2021
  • 卷号:48
  • 期号:2
  • 语种:English
  • 出版社:IAENG - International Association of Engineers
  • 摘要:In an era of globalization, in which technology has allowed the development of companies to be promoted, data and information become essential assets in organizations, which are exposed to hackers, computer viruses, cyber espionage, and infrastructure failures are some of the problems organizations face daily. In this work, we aim to present a model of an information security management system, aligned with the NTC-ISO/IEC 27001:2013 standard, which applies to any organization and allows them to know their current status regarding the information security. Also, the proposed model will enable organizations to implement systemically and adequately controls, procedures, and policies required to preserve the integrity, confidentiality, and integrity of information assets. The model has been applied to an organization that provides technical information management and administration services in the hydrocarbon sector. The results of using the model in this organization, allowed to define its security structure, information security policies, and resources required to certify its management system. Additionally, information assets, technical vulnerabilities, and risks applied to all processes were identified.
  • 关键词:Information Security;Management System;NTC-ISO/IEC 27001:2013 Standard;Organizational Assets
国家哲学社会科学文献中心版权所有