Regresar

Developing an Information Security Management System for Libraries Based on an Improved Risk Analysis Methodology Compatible with ISO/IEC 27001

Abstract:

This paper describes a new risk analysis methodology for libraries based on steps filtered from existing methodologies that are compatible with the ISO/IEC 27000: 2013 standard. After analyzing MAGERIT, OCTAVE and NIST 800-30 risk analysis methodologies, the most important steps were identified and those that do not fit in library type of organization were discarded. Once the methodology was created, it was tested through a real implementation in the Library system of a university to verify its benefits.

Año de publicación:

2020

Keywords:

  • Risk management methodology
  • Information security management system
  • information security

Fuente:

scopusscopus
googlegoogle

Tipo de documento:

Conference Object

Estado:

Acceso restringido

Áreas de conocimiento:

  • Ciencias de la computación

Áreas temáticas:

  • Funcionamiento de bibliotecas y archivos

Contribuidores:

Sang Guun YooSang Guun Yoo
MARIA JOSE BRAVO RAMOSMARIA JOSE BRAVO RAMOS