Information Security Management Systems: A Novel Framework and Software as a Tool for Compliance with Information Security Standard
暫譯: 資訊安全管理系統:一個新穎框架及軟體作為遵循資訊安全標準的工具
Susanto, Heru, Almunawar, Mohammad Nabil
- 出版商: Apple Academic Press
- 出版日期: 2021-03-31
- 售價: $3,570
- 貴賓價: 9.5 折 $3,392
- 語言: 英文
- 頁數: 326
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1774636522
- ISBN-13: 9781774636527
-
相關分類:
資訊安全
海外代購書籍(需單獨結帳)
相關主題
商品描述
This new volume, Information Security Management Systems: A Novel Framework and Software as a Tool for Compliance with Information Security Standard, looks at information security management system standards, risk management associated with information security, and information security awareness within an organization. The authors aim to improve the overall ability of organizations to participate, forecast, and actively assess their information security circumstances.
It is important to note that securing and keeping information from parties who do not have authorization to access such information is an extremely important issue. To address this issue, it is essential for an organization to implement an ISMS standard such as ISO 27001 to address the issue comprehensively. The authors of this new volume have constructed a novel security framework (ISF) and subsequently used this framework to develop software called Integrated Solution Modeling (ISM), a semi-automated system that will greatly help organizations comply with ISO 27001 faster and cheaper than other existing methods. In addition, ISM does not only help organizations to assess their information security compliance with ISO 27001, but it can also be used as a monitoring tool, helping organizations monitor the security statuses of their information resources as well as monitor potential threats. ISM is developed to provide solutions to solve obstacles, difficulties, and expected challenges associated with literacy and governance of ISO 27001. It also functions to assess the RISC level of organizations towards compliance with ISO 27001.
The information provide here will act as blueprints for managing information security within business organizations. It will allow users to compare and benchmark their own processes and practices against these results shown and come up with new, critical insights to aid them in information security standard (ISO 27001) adoption.
商品描述(中文翻譯)
這本新書《資訊安全管理系統:一個新穎的框架及作為遵循資訊安全標準的工具的軟體》探討了資訊安全管理系統標準、與資訊安全相關的風險管理,以及組織內部的資訊安全意識。作者旨在提升組織參與、預測及主動評估其資訊安全狀況的整體能力。
需要注意的是,保護和維護資訊不被未經授權的第三方訪問是極其重要的議題。為了解決這個問題,組織必須實施如 ISO 27001 的資訊安全管理系統(ISMS)標準,以全面應對此問題。本書的作者構建了一個新穎的安全框架(ISF),並隨後利用這個框架開發了一款名為整合解決方案建模(ISM)的軟體,這是一個半自動化系統,將大大幫助組織以比其他現有方法更快、更便宜的方式遵循 ISO 27001。此外,ISM 不僅幫助組織評估其對 ISO 27001 的資訊安全合規性,還可以作為監控工具,幫助組織監控其資訊資源的安全狀態以及潛在威脅。ISM 的開發旨在提供解決方案,以解決與 ISO 27001 的素養和治理相關的障礙、困難和預期挑戰。它還能評估組織在遵循 ISO 27001 方面的風險水平。
這裡提供的信息將作為商業組織內部管理資訊安全的藍圖。它將使用者的流程和實踐與這些結果進行比較和基準,並提出新的關鍵見解,以幫助他們採納資訊安全標準(ISO 27001)。
作者簡介
Heru Susanto, PhD, is currently the head and researcher of the Computational Science & IT Governance Research Group at the Indonesian Institute of Sciences. He is also an Honorary Professor and Visiting Scholar at the Department of Information Management, College of Management and Hospitality, Tunghai University, Taichung, Taiwan. Dr. Heru has experience as an IT professional and as web division head at IT Strategic Management at Indomobil Group Corporation. He has worked as the Prince Muqrin Chair for Information Security Technologies at King Saud University in Riyadh, Saudi Arabia. He received a BSc in Computer Science from Bogor Agricultural University, an MBA in Marketing Management from the School of Business and Management Indonesia, an MSc in Information System from King Saud University, and a PhD in Information Security System from the University of Brunei and King Saud University. His research interests are in the areas of information security, it governance, computational sciences, business process re-engineering, and e-marketing.
Mohammad Nabil Almunawar, PhD, is currently a senior lecturer and the Dean of the School of Business and Economics, Universiti of Brunei Darussalam (UBD), Brunei Darussalam. Dr. Almunawar has published more than 60 papers in refereed journals, book chapters, and presentations at international conferences. He has more than 25 years of teaching experience in the area of computer and information systems. His overall research interests include applications of IT in management, electronic business/commerce, health informatics, information security, and cloud computing. He is also interested in object-oriented technology, databases and multimedia retrieval.
Dr. Almunawar received his bachelor degree in 1983 from Bogor Agricultural University, Indonesia; his master's degree (MSc in Computer Science) from the Department of Computer Science, University of Western Ontario, London, Canada, in 1991, and a PhD from the University of New South Wales (School of Computer Science and Engineering, UNSW), Australia, in 1998.
作者簡介(中文翻譯)
Heru Susanto, PhD 目前是印尼科學院計算科學與資訊科技治理研究小組的負責人及研究員。他同時也是台灣台中市東海大學管理暨餐旅學院資訊管理系的名譽教授及訪問學者。Heru博士擁有IT專業背景,曾擔任Indomobil Group Corporation的IT戰略管理部門網頁部門負責人。他曾在沙烏地阿拉伯利雅德的King Saud University擔任Prince Muqrin資訊安全技術講座教授。他在博戈爾農業大學獲得計算機科學學士學位,在印尼商業與管理學院獲得行銷管理碩士學位,在King Saud University獲得資訊系統碩士學位,並在汶萊大學及King Saud University獲得資訊安全系統博士學位。他的研究興趣包括資訊安全、IT治理、計算科學、業務流程再造及電子行銷。
Mohammad Nabil Almunawar, PhD 目前是汶萊達魯薩蘭大學(Universiti of Brunei Darussalam, UBD)商業與經濟學院的高級講師及院長。Almunawar博士在同行評審的期刊、書籍章節及國際會議上發表了超過60篇論文。他在計算機及資訊系統領域擁有超過25年的教學經驗。他的整體研究興趣包括IT在管理中的應用、電子商務、健康資訊學、資訊安全及雲計算。他也對物件導向技術、資料庫及多媒體檢索感興趣。
Almunawar博士於1983年在印尼博戈爾農業大學獲得學士學位;1991年在加拿大倫敦的西安大略大學計算機科學系獲得碩士學位(計算機科學碩士),並於1998年在澳大利亞新南威爾士大學(計算機科學與工程學院)獲得博士學位。
