Advanced information security management evaluation system

Heasuk Jo, Seung-Joo Kim, Dongho Won

Research output: Contribution to journalArticle

6 Citations (Scopus)

Abstract

Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

Original languageEnglish
Pages (from-to)1192-1213
Number of pages22
JournalKSII Transactions on Internet and Information Systems
Volume5
Issue number6
DOIs
Publication statusPublished - 2011 Jun 1

Fingerprint

Security of data
Wireless networks
Industry
Internet
Costs

Keywords

  • Information security check
  • Information security evaluation
  • Information security evaluation process
  • Information security management systems (ISMSs)

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Cite this

Advanced information security management evaluation system. / Jo, Heasuk; Kim, Seung-Joo; Won, Dongho.

In: KSII Transactions on Internet and Information Systems, Vol. 5, No. 6, 01.06.2011, p. 1192-1213.

Research output: Contribution to journalArticle

@article{d79b32e645c046ce8238f5f6256f9d38,
title = "Advanced information security management evaluation system",
abstract = "Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.",
keywords = "Information security check, Information security evaluation, Information security evaluation process, Information security management systems (ISMSs)",
author = "Heasuk Jo and Seung-Joo Kim and Dongho Won",
year = "2011",
month = "6",
day = "1",
doi = "10.3837/tiis.2011.06.006",
language = "English",
volume = "5",
pages = "1192--1213",
journal = "KSII Transactions on Internet and Information Systems",
issn = "1976-7277",
publisher = "Korea Society of Internet Information",
number = "6",

}

TY - JOUR

T1 - Advanced information security management evaluation system

AU - Jo, Heasuk

AU - Kim, Seung-Joo

AU - Won, Dongho

PY - 2011/6/1

Y1 - 2011/6/1

N2 - Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

AB - Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

KW - Information security check

KW - Information security evaluation

KW - Information security evaluation process

KW - Information security management systems (ISMSs)

UR - http://www.scopus.com/inward/record.url?scp=84863011748&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84863011748&partnerID=8YFLogxK

U2 - 10.3837/tiis.2011.06.006

DO - 10.3837/tiis.2011.06.006

M3 - Article

AN - SCOPUS:84863011748

VL - 5

SP - 1192

EP - 1213

JO - KSII Transactions on Internet and Information Systems

JF - KSII Transactions on Internet and Information Systems

SN - 1976-7277

IS - 6

ER -