Search results for "Information security audit"

showing 1 items of 1 documents

Aligning Two Specifications for Controlling Information Security

2014

Assuring information security is a necessity in modern organizations. Many recommendations for information security management exist, which can be used to define a baseline of information security requirements. ISO/ IEC 27001 prescribes a process for an information security management system, and guidance to implement security controls is provided in ISO/IEC 27002. Finnish National Security Auditing Criteria (KATAKRI) has been developed by the national authorities in Finland as a tool to verify maturity of information security practices. KATAKRI defines both security control objectives and security controls to meet an objective. Here the authors compare and align these two specifications in…

Information Systems and ManagementComputer Networks and Communicationsinformation securitysecurity specification alignmentComputer securitycomputer.software_genreSecurity information and event managementInformation security auditKATAKRIsecurity managementSafety Risk Reliability and Qualitysecurity audit criteriaInformation security management systemta113Certified Information Security ManagerInformation securitySecurity controlsISO/IEC 27001ISO/IEC 27002ITIL security managementRisk analysis (engineering)Security servicesecurity cerificationHardware and ArchitectureBusinessSafety ResearchcomputerSoftwaresecurity controls
researchProduct