Abstract
Due to the overwhelming complexity of establishing and maintaining a secure organizational framework, it is essential that various Information Security Management elements be tightly integrated to form a well-planned methodology. However, organizations often do not have the necessary expertise or resources to follow such a detailed methodology. This paper introduces a software tool that can automate the phases comprising the Information Security Management Methodology.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35586-3_46
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Hoppe, O.A., van Niekerk, J., von Solms, R. (2002). The Effective Implementation of Information Security in Organizations. In: Ghonaimy, M.A., El-Hadidi, M.T., Aslan, H.K. (eds) Security in the Information Society. IFIP Advances in Information and Communication Technology, vol 86. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35586-3_1
DOI: https://doi.org/10.1007/978-0-387-35586-3_1
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-1026-7
Online ISBN: 978-0-387-35586-3
eBook Packages: Springer Book Archive