Show/Hide Menu
Hide/Show Apps
anonymousUser
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
A Collaborative Process Based Risk Analysis for Information Security Management Systems
Date
2010-04-09
Author
Karabacak, Bilge
Özkan Yıldırım, Sevgi
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
3
views
0
downloads
Cite This
Today, many organizations quote intent for ISO/IEC 27001:2005 certification. Also, some organizations are en route to certification or already certified. Certification process requires performing a risk analysis in the specified scope. Risk analysis is a challenging process especially when the topic is information security. Today, a number of methods and tools are available for information security risk analysis. The hard task is to use the best fit for the certification. In this work we have proposed a process based risk analysis method which is suitable for ISO/IEC 27001:2005 certifications. Our risk analysis method allows the participation of staff to the determination of the scope and provides a good fit for the certification process. The proposed method has been conducted for an organization and the results of the applications are shared with the audience. The proposed collaborative risk analysis method allows for the participation of staff and managers while still being manageable in a timely manner to uncover crucial information security risks.
Subject Keywords
ISO/IEC 27001:2005
,
Information security
,
Risk analysis
,
Flow chart
,
Process approach
URI
https://hdl.handle.net/11511/53069
Collections
Graduate School of Informatics, Conference / Seminar
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
B. Karabacak and S. Özkan Yıldırım, “A Collaborative Process Based Risk Analysis for Information Security Management Systems,” presented at the 5th International Conference on Information Warfare and Security, Air Force Inst Technol, Wright Patterson AFB, OH, 2010, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/53069.
