Skip to main content

A security standards' framework to facilitate best practices' awareness and conformity

Buy Article:

$54.08 plus tax (Refund Policy)

Abstract:

Purpose ‐ Recent information security surveys indicate that both the acceptance of international standards and the relative certifications increase continuously. However, it is noted that still the majority of organizations does not know the dominant security standards or does not fully implement them. The aim of this paper is to facilitate the awareness of information security practitioners regarding globally known and accepted security standards, and thus, contribute to their adoption. Design/methodology/approach ‐ The paper adopts a conceptual approach and results in a classification framework for categorizing available information security standards. The classification framework is built in four layers of abstraction, where the initial layer is founded in ISO/IEC 27001:2005 information security management system. Findings ‐ The paper presents a framework for conceptualizing, categorizing and interconnecting available information security standards dynamically. Research limitations/implications ‐ The completeness of the information provided in the paper relies on the pace of standards' publications; thus the information security standards that have been classified in this paper need to be updated when new standards are published. However, the proposed framework can be utilized for this constant effort. Practical implications ‐ Information security practitioners can benefit by the proposed framework for available security standards and effectively invoke the relevant standard each time. Guidelines for utilizing the proposed framework are presented through a case study. Originality/value ‐ Although the practices proposed are not innovative by themselves, the originality of this work lies on the best practices' linkage into a coherent framework that can facilitate the standards diffusion and systematic adoption.

Keywords: Best practice; Data security; International standards

Document Type: Research Article

DOI: http://dx.doi.org/10.1108/09685221011095263

Publication date: November 23, 2010

mcb/046/2010/00000018/00000005/art00004
dcterms_title,dcterms_description,pub_keyword
6
5
20
40
5

Access Key

Free Content
Free content
New Content
New content
Open Access Content
Open access content
Subscribed Content
Subscribed content
Free Trial Content
Free trial content
Cookie Policy
X
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more