Regresar

Practical approach of a secure management system based on ISO/IEC 17799

Abstract:

For enterprises to be able to properly use information and communications technologies, it is necessary to have guides, metrics and tools that allow us to always know the level of our security and the points in which we are not covering it. In small and medium-size enterprises, the application of security standards has an additional problem, that is, the fact that they do not have enough resources to perform an appropriate management. In this article we will analyze some of the existing maturity models and we will compare them to the maturity model we are applying in practice. Finally we will introduce a first approach to a scoreboard which is being developed as part of a security management tool for IT systems This approach is being directly applied to real cases and it is obtaining a constant improvement in its application. © 2006 IEEE.

Año de publicación:

2006

Keywords:

    Fuente:

    scopusscopus

    Tipo de documento:

    Conference Object

    Estado:

    Acceso restringido

    Áreas de conocimiento:

      Áreas temáticas:

      • Dirección general
      • Programación informática, programas, datos, seguridad
      • Otros problemas y servicios sociales

      Contribuidores:

      Fernandez-Medina E.Fernandez-Medina E.
      Piattini-Velthuis M.Piattini-Velthuis M.
      Villafranca D.Villafranca D.
      Luis Enrique Sánchez CrespoLuis Enrique Sánchez Crespo