Information Security Management Systems: A Novel Framework and Software as a Tool for Compliance with Information Security Standard
暫譯: 資訊安全管理系統:一個新穎框架及軟體作為遵循資訊安全標準的工具
Heru Susanto, Mohammad Nabil Almunawar
- 出版商: Apple Academic Press
- 出版日期: 2018-06-18
- 售價: $5,080
- 貴賓價: 9.5 折 $4,826
- 語言: 英文
- 頁數: 326
- 裝訂: Hardcover
- ISBN: 1771885777
- ISBN-13: 9781771885775
-
相關分類:
資訊安全
海外代購書籍(需單獨結帳)
相關主題
商品描述
This new volume, Information Security Management Systems: A Novel Framework and Software as a Tool for Compliance with Information Security Standard, looks at information security management system standards, risk management associated with information security, and information security awareness within an organization. The authors aim to improve the overall ability of organizations to participate, forecast, and actively assess their information security circumstances.
It is important to note that securing and keeping information from parties who do not have authorization to access such information is an extremely important issue. To address this issue, it is essential for an organization to implement an ISMS standard such as ISO 27001 to address the issue comprehensively. The authors of this new volume have constructed a novel security framework (ISF) and subsequently used this framework to develop software called Integrated Solution Modeling (ISM), a semi-automated system that will greatly help organizations comply with ISO 27001 faster and cheaper than other existing methods. In addition, ISM does not only help organizations to assess their information security compliance with ISO 27001, but it can also be used as a monitoring tool, helping organizations monitor the security statuses of their information resources as well as monitor potential threats. ISM is developed to provide solutions to solve obstacles, difficulties, and expected challenges associated with literacy and governance of ISO 27001. It also functions to assess the RISC level of organizations towards compliance with ISO 27001.
The information provide here will act as blueprints for managing information security within business organizations. It will allow users to compare and benchmark their own processes and practices against these results shown and come up with new, critical insights to aid them in information security standard (ISO 27001) adoption.
商品描述(中文翻譯)
這本新書《資訊安全管理系統:一個新穎的框架及作為遵循資訊安全標準的工具的軟體》探討了資訊安全管理系統標準、與資訊安全相關的風險管理,以及組織內的資訊安全意識。作者旨在提升組織參與、預測和主動評估其資訊安全狀況的整體能力。
需要注意的是,保護和維護資訊不被未經授權的第三方訪問是一個極其重要的議題。為了解決這個問題,組織必須實施如 ISO 27001 的資訊安全管理系統(ISMS)標準,以全面應對此問題。本書的作者構建了一個新穎的安全框架(ISF),並隨後利用這個框架開發了一款名為整合解決方案建模(ISM)的軟體,這是一個半自動化系統,將大大幫助組織以比其他現有方法更快、更便宜的方式遵循 ISO 27001。此外,ISM 不僅幫助組織評估其對 ISO 27001 的資訊安全合規性,還可以作為監控工具,幫助組織監控其資訊資源的安全狀態以及潛在威脅。ISM 的開發旨在提供解決方案,以解決與 ISO 27001 的素養和治理相關的障礙、困難和預期挑戰。它還能評估組織在遵循 ISO 27001 方面的風險水平。
這裡提供的信息將作為商業組織內部管理資訊安全的藍圖。它將使用者的流程和實踐與這些結果進行比較和基準,並提出新的關鍵見解,以幫助他們採納資訊安全標準(ISO 27001)。
