|
|||||
|
|
A study on information security management system evaluation—assets, threat and vulnerability |
|
| Authors: | Kwo-Jean Farn Shu-Kuo Lin Andrew Ren-Wei Fung |
| Affiliation: | a Institute of Information Management, National Chiao-Tung University, 1001 Ta Hsueh Road, Hsinchu 300, Taiwan, ROC b Internet Security Solutions International Co., Taiwan, ROC c DCGS for Communications, Electronics and Information (J-6), Ministry of National Defense, Taiwan, ROC |
| Abstract: | The security of information system is like a chain. Its strength is affected by the weakest knot. Since we can achieve 100% Information Security Management System (ISMS) security, we must cautiously fulfill the certification and accreditation of information security. In this paper, we analyzed, studied the evaluation knowledge and skills required for auditing the certification procedures for the three aspects of ISMS—asset, threat, and vulnerability. |
| Keywords: | Certification Evaluation Framework Information Security Management System National Information Assurance Certification and Accreditation Process |
| 本文献已被 ScienceDirect 等数据库收录! | |