Show/Hide Menu
Hide/Show Apps
anonymousUser
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Açık Bilim Politikası
Açık Bilim Politikası
Frequently Asked Questions
Frequently Asked Questions
Browse
Browse
By Issue Date
By Issue Date
Authors
Authors
Titles
Titles
Subjects
Subjects
Communities & Collections
Communities & Collections
A Collaborative Process Based Risk Analysis for Information Security Management Systems
Date
2010-04-09
Author
Karabacak, Bilge
Özkan Yıldırım, Sevgi
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
1
views
0
downloads
Today, many organizations quote intent for ISO/IEC 27001:2005 certification. Also, some organizations are en route to certification or already certified. Certification process requires performing a risk analysis in the specified scope. Risk analysis is a challenging process especially when the topic is information security. Today, a number of methods and tools are available for information security risk analysis. The hard task is to use the best fit for the certification. In this work we have proposed a process based risk analysis method which is suitable for ISO/IEC 27001:2005 certifications. Our risk analysis method allows the participation of staff to the determination of the scope and provides a good fit for the certification process. The proposed method has been conducted for an organization and the results of the applications are shared with the audience. The proposed collaborative risk analysis method allows for the participation of staff and managers while still being manageable in a timely manner to uncover crucial information security risks.
Subject Keywords
ISO/IEC 27001:2005
,
Information security
,
Risk analysis
,
Flow chart
,
Process approach
URI
https://hdl.handle.net/11511/53069
Collections
Graduate School of Informatics, Conference / Seminar
