Advanced information security management evaluation system

Heasuk Jo; Seung-Joo Kim; Dongho Won

doi:10.3837/tiis.2011.06.006

Advanced information security management evaluation system

Heasuk Jo, Seung-Joo Kim, Dongho Won

Graduate School of Information Security

Research output: Contribution to journal › Article

6 Citations (Scopus)

Abstract

Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

Original language	English
Pages (from-to)	1192-1213
Number of pages	22
Journal	KSII Transactions on Internet and Information Systems
Volume	5
Issue number	6
DOIs	https://doi.org/10.3837/tiis.2011.06.006
Publication status	Published - 2011 Jun 1

Fingerprint

Security of data

Wireless networks

Industry

Internet

Costs

Keywords

Information security check
Information security evaluation
Information security evaluation process
Information security management systems (ISMSs)

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems

Cite this

Jo, H., Kim, S-J., & Won, D. (2011). Advanced information security management evaluation system. KSII Transactions on Internet and Information Systems, 5(6), 1192-1213. https://doi.org/10.3837/tiis.2011.06.006

Advanced information security management evaluation system. / Jo, Heasuk; Kim, Seung-Joo; Won, Dongho.

In: KSII Transactions on Internet and Information Systems, Vol. 5, No. 6, 01.06.2011, p. 1192-1213.

Research output: Contribution to journal › Article

Jo, H, Kim, S-J & Won, D 2011, 'Advanced information security management evaluation system', KSII Transactions on Internet and Information Systems, vol. 5, no. 6, pp. 1192-1213. https://doi.org/10.3837/tiis.2011.06.006

Jo H, Kim S-J, Won D. Advanced information security management evaluation system. KSII Transactions on Internet and Information Systems. 2011 Jun 1;5(6):1192-1213. https://doi.org/10.3837/tiis.2011.06.006

Jo, Heasuk ; Kim, Seung-Joo ; Won, Dongho. / Advanced information security management evaluation system. In: KSII Transactions on Internet and Information Systems. 2011 ; Vol. 5, No. 6. pp. 1192-1213.

@article{d79b32e645c046ce8238f5f6256f9d38,

title = "Advanced information security management evaluation system",

abstract = "Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.",

keywords = "Information security check, Information security evaluation, Information security evaluation process, Information security management systems (ISMSs)",

author = "Heasuk Jo and Seung-Joo Kim and Dongho Won",

year = "2011",

month = "6",

day = "1",

doi = "10.3837/tiis.2011.06.006",

language = "English",

volume = "5",

pages = "1192--1213",

journal = "KSII Transactions on Internet and Information Systems",

issn = "1976-7277",

publisher = "Korea Society of Internet Information",

number = "6",

}

TY - JOUR

T1 - Advanced information security management evaluation system

AU - Jo, Heasuk

AU - Kim, Seung-Joo

AU - Won, Dongho

PY - 2011/6/1

Y1 - 2011/6/1

N2 - Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

AB - Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

KW - Information security check

KW - Information security evaluation

KW - Information security evaluation process

KW - Information security management systems (ISMSs)

UR - http://www.scopus.com/inward/record.url?scp=84863011748&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84863011748&partnerID=8YFLogxK

U2 - 10.3837/tiis.2011.06.006

DO - 10.3837/tiis.2011.06.006

M3 - Article

AN - SCOPUS:84863011748

VL - 5

SP - 1192

EP - 1213

JO - KSII Transactions on Internet and Information Systems

JF - KSII Transactions on Internet and Information Systems

SN - 1976-7277

IS - 6

ER -

Access to Document

10.3837/tiis.2011.06.006