A Methodology to Implement an Information Security Management System

Martins, Alaide Barbosa; Santos, Celso A. S.

doi:10.4301/s1807-17752005000200002

Cited by 3 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Martins and Santos [12] also used the central norms and security standards to create guidelines. From that point on, they presented a proposal for a methodology to implement an information security management system (ISMS) to guarantee a networked computing environment.…”

Section: B Information Security and The Common Criteria Standardmentioning

confidence: 99%

“…Since then, this kind of application has been discussed [54] for single and mixed networks. The methodology used in [12] was a case study in an environmental protection company (predominantly private capital). As a result, the ISMS was implemented in the company, considering the particularities of its business.…”

Section: B Information Security and The Common Criteria Standardmentioning

confidence: 99%

“…The discussion about information security in scientific literature shows a search for the foundation of cybersecurity systems and an effort to develop tools and methodologies for product homologation [12,13,14,18,21,22,23,24,77]. Moreover, national systems and private companies have invested in such an effort as they could and should be expected to do [19,66,61].…”

Section: Summary and Decision About Information Security Standardsmentioning

confidence: 99%

See 2 more Smart Citations

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

2021

View full text Add to dashboard Cite

In the present work, we propose and validate a Common Criteria Standard Protection Profile (sPP) for videoconferencing equipment. The research presents the definition and analysis of the homologation system used to validate the standard protection profile, focusing on its application focused in a large Brazilian financial company. We address the main points to consider in the acquisition and current use of this product: reasonable information security assumptions, technical standards, recommendations, and international best cybersecurity practices. As a result, we have developed a Standard Protection Profile identifying the information security risks involved and the minimum parameters required in those systems acquired and used for Government environments. This paper also presents all tests performed to validate the proposed sPP. As the application is critical, involving sensitive data, our results can also foster less risky conditions in the myriad situations caused by the COVID pandemic.

show abstract

Section: B Information Security and The Common Criteria Standardmentioning

confidence: 99%

Section: B Information Security and The Common Criteria Standardmentioning

confidence: 99%

Section: Summary and Decision About Information Security Standardsmentioning

confidence: 99%

See 1 more Smart Citation

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

2021

View full text Add to dashboard Cite

show abstract

Modelo de governança de tecnologia da informação do escritório ao chão de fábrica.

Riekstin¹

View full text Add to dashboard Cite

Uma estratégia para implantação de sistemas integrados de gestão em instituições públicas

Filho

Miranda

Júnior

et al. 2014

RBADM

View full text Add to dashboard Cite

RESUMOO êxito na implantação de sistemas integrados de gestão em instituições públicas federais requer uma sistemática capaz de mitigar riscos que vão desde a limitação de pessoal técnico para apoiar a iniciativa à resistência das pessoas às mudanças. Este trabalho apresenta uma estratégia para tratar os principais obstáculos à institucionalização de um sistema integrado de gestão em instituições públicas e relata os aperfeiçoamentos realizados em função das lições aprendidas durante sua aplicação. A estratégia é composta por um processo, que orienta a aplicação da estratégia; por um conjunto de políticas que sustentam e garantem a execução do processo; e por uma ferramenta de gerenciamento de tarefas, que apoia o planejamento, a monitoração e controle das tarefas planejadas para implantação. A estratégia está sendo aplicada em uma instituição federal de ensino superior e tem se mostrado efetiva na implantação de cada módulo. PALAVRAS-CHAVES:ERP; Estratégia de Implantação; Processos; Sistema Integrado de Gestão. A STRATEGY FOR DEPLOYING INTEGRATED MANAGEMENT SYSTEMS IN PUBLIC ORGANIZATIONS ABSTRACTThe successful implementation of integrated management systems in public organizations requires a systematic approach able to mitigate risks ranging from limited technical staff for supporting project to the challenges related to cultural changes. This paper presents a strategy for tackling the main obstacles to the institutionalization of an integrated management system in public organizations and reports the enhancements made on the basis of the lessons learned during its implementation. The strategy is composed of a process, which guides the implementation of the strategy; by a set of policies that sustain and ensure the execution of the process; and a task management tool that supports planning, monitoring and control of deployment tasks. The strategy is being applied in a public university and has proven effective in the implementation of each module.

show abstract

A Methodology to Implement an Information Security Management System

Cited by 3 publications

References 0 publications

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

Modelo de governança de tecnologia da informação do escritório ao chão de fábrica.

Uma estratégia para implantação de sistemas integrados de gestão em instituições públicas

Contact Info

Product

Resources

About