Modern society depends on information technology in nearly every facet of human activity including, finance, transportation, education, government, and defense. Organizations are exposed to various kinds of risks, including information technology risks. Several standards, best practices, and frameworks have been created to help organizations manage these risks. The purpose of this research work is to highlight the challenges facing enterprises in their efforts to properly manage information security risks when adopting international standards and frameworks. To assist in selecting the best framework to use in risk management, the article presents an overview of the most popular and widely used standards and identifies selection criteria. It suggests an approach to proper implementation as well. A set of recommendations is put forward with further research opportunities on the subject.
Information security risk management security frameworks security standards security management
Birincil Dil | İngilizce |
---|---|
Bölüm | Makaleler |
Yazarlar | |
Yayımlanma Tarihi | 28 Haziran 2013 |
Gönderilme Tarihi | 30 Ocak 2016 |
Yayımlandığı Sayı | Yıl 2013 Cilt: 2 Sayı: 2 |