Information security is a very important component to an organization’s dependence on ICT. The operational environment where these technologies are operating is a very complex environment. Offering a good level of protection by information security process needs a well defined managerial framework. This paper discusses the reasons why having a well defined managerial security framework is needed in an information security area, which are the tools to build and perform such a management framework. After a short presentation two international standards related to Information Security Management, ISO 17799:2005 and ISO 27001 standards, the implications of being conform to these standards are analysed and their advantages and limits in a security management framework are pointed out.
The URI to TrackBack this entry is: https://iglitashi.wordpress.com/2010/04/11/iso-security-standards-as-leverage-on-it-security-management/trackback/