Developing an Information Security Management System for Libraries Based on an Improved Risk Analysis Methodology Compatible with ISO/IEC 27001


Abstract:

This paper describes a new risk analysis methodology for libraries, built from steps selected from existing methodologies that are compatible with the ISO/IEC 27000: 2013 standard. After analyzing the MAGERIT, OCTAVE and NIST 800-30 risk analysis methodologies, the most important steps were identified and those that do not fit a library-type organization were discarded. Once the methodology was created, it was tested through a real implementation in the library system of a university to verify its benefits.

Year of publication:

2020

Keywords:

  • Risk management methodology
  • Information security management system
  • Information security

Source:

Scopus
Google

Document type:

Conference Object

Status:

Restricted access

Knowledge areas:

  • Computer science

Dewey subject areas:

  • Operations of libraries and archives
Processed with AI

Sustainable Development Goals:

  • SDG 16: Peace, justice and strong institutions
  • SDG 4: Quality education
  • SDG 9: Industry, innovation and infrastructure
Processed with AI