Difference between revisions 610360790 and 617355556 on enwiki

[[File:Risk Management Elements.jpg|thumb|Plan-Do-Check-Act Cycle]]
[[File:Isms framework.jpg|thumb|ENISA: Risk Management and Isms activities]]
An '''information security management system'''<ref>{{cite web|title=Security management system’s usability key to easy adoption|url=http://www.sourcesecurity.com/news/articles/co-4108-ga.8554.html|publisher=sourcesecurity.com|accessdate=22 August 2013}}</ref> (ISMS) is a set of policies concerned with [[information securi(contracted; show full)

Some of the best-known ISMSs for computer security certification are the [[Common Criteria]] (CC) international standard and its predecessors [[Information Technology Security Evaluation Criteria]] (ITSEC) and [[Trusted Computer System Evaluation Criteria]] (TCSEC).<ref name="isms">{{cite journal|last=Jo|first=Heasuk| coauthors2=Kim, Seungjoo; |author3=Won, Dongho |title=Advanced information security management evaluation system|journal=KSII Transactions on Internet and Information Systems|date=1 January 2011|year=2011|volume=5|issue=6|pages=1192–1213|doi=10.3837/tiis.2011.06.006}}</ref>

(contracted; show full)

information security management will enable implementing the desirable qualitative characteristics of the services offered by the organization (i.e.
availability of services, preservation of data confidentiality and integrity etc.).<ref name=ENISAFULL/> By preventing and minimizing the impacts of security incidents, an ISMS ensures business continuity and customer confidence, protects business investments and opportunities, and reduces damage to the business.<ref>{{cite journal|last=Ma|first=Qingxiong| coauthors2=Schmidt, Mark B.; |author3=Pearson, Michael |title=An integrated framework for information security management|journal=Review of Business|year=2009|volume=30|issue=1|pages=58-69|url=http://www.stjohns.edu/reviewofbusiness|accessdate=26 October 2013}}</ref>

(contracted; show full)

* be based on continuous training and awareness of staff and avoid the use of disciplinary measures and “police” or “military” practices;
* be a never-ending process;

== Dynamic issues in ISMS ==
There are three main problems which lead to uncertainty in information security management systems (ISMS):<ref name= dynamic>{{cite journal|last=Abbas|first=Haider| coauthors2=Magnusson, Christer; |author3=Yngstrom, Louise; |author4= Hemani, Ahmed |title=Addressing dynamic issues in information security management|journal=Information Management & Computer Security|date=1 January 2011|year=2011|volume=19|issue=1|pages=5–24|doi=10.1108/09685221111115836|accessdate=26 October 2013}}</ref>
* '''Dynamically changing security requirements of an organization'''

(contracted; show full)* [[TRAC (ISMS)]]

== Notes and references ==
<references/>

[[Category:Data security]]
[[ar:نظام ادارة امن المعلومات]]

All content in the above text box is licensed under the Creative Commons Attribution-ShareAlike license Version 4 and was originally sourced from https://en.wikipedia.org/w/index.php?diff=prev&oldid=617355556.