Methodology for Dynamic Analysis and Risk Management on ISO27001

The information society is increasingly dependent Information Systems Security Management (ISMS) and knowledge of the security risks associated with its assets value. However, very few risk analysis methodologies have been raised as to create systems to analyze risks in a quick and economical, and w...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Revista IEEE América Latina 2016-06, Vol.14 (6), p.2897-2911
Hauptverfasser: Santos Olmo Parra, Antonio, Sanchez Crespo, Luis Enrique, Alvarez, Esther, Huerta, Monica, Fernandez Medina Paton, Eduardo
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The information society is increasingly dependent Information Systems Security Management (ISMS) and knowledge of the security risks associated with its assets value. However, very few risk analysis methodologies have been raised as to create systems to analyze risks in a quick and economical, and which in turn can leave this system dynamically update. This paper presents a new methodology, called MARISMA, aimed at carrying out a risk analysis simplified and dynamic, which is valid for all companies, including SMEs, and to provide solutions to the problems identified during the application of the scientific method "Action Research". This methodology is being applied directly to real cases, thus achieving a constant improvement of its processes.
ISSN:1548-0992
1548-0992
DOI:10.1109/TLA.2016.7555273