A Study on Development of Information Security Evaluation Model

Hur, Soon Haeng; Lee, Kwang Woo; Jo, Hea Suk; Jeong, Han Jae; Jeon, Woong Ryul; Won, Dong Ho; Kim, Seungjoo

doi:10.3745/kipstc.2008.15-c.3.173

Cited by 2 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The scoring is dependent on the implementation of each EC in an organization. The EC is then designed to evaluate current information management system using the references and standards of [3][14] [24][29] [30][31] [36][37] [38]. Moreover the EC includes standards of ISO 27001 and ISMS of Korea, and it has been completed by add of security items and modification these references to enable an organization to increase security.…”

Section: Current Level Evaluation Of Organizationmentioning

confidence: 99%

“…Therefore, the proposed evaluation checklist can place greater emphasis on risk factors in management security. • Revision of [38], [43], and [44]: In this paper, new revision is as follows: an added and modified checklist(TC and EC), an application of quantitative and qualitative analysis methodology, a separated application of self-evaluation and evaluation committee for information security management evaluation, and an evaluation of ISMES. The best method of ISMES evaluation is a uniform application throughout the real organization.…”

Section: Ismes Evaluationmentioning

confidence: 99%

“…Moreover, this study can be used as a guideline to develop new ISMSs for individual businesses. This paper is expanded and revised based on [38] [43], and [44].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Advanced Information Security Management Evaluation System

Jo¹,

Kim²,

Won³

2011

KSII TIIS

View full text Add to dashboard Cite

Information security management systems (ISMSs) are used to manage information about their customers and themselves by governments or business organizations following advances in e-commerce, open networks, mobile networks, and Internet banking. This paper explains the existing ISMSs and presents a comparative analysis. The discussion deals with different types of ISMSs. We addressed issues within the existing ISMSs via analysis. Based on these analyses, then we proposes the development of an information security management evaluation system (ISMES). The method can be applied by a self-evaluation of the organization and an evaluation of the organization by the evaluation committee. The contribution of this study enables an organization to refer to and improve its information security levels. The case study can also provide a business organization with an easy method to build ISMS and the reduce cost of information security evaluation.

show abstract

Section: Current Level Evaluation Of Organizationmentioning

confidence: 99%

Section: Ismes Evaluationmentioning

confidence: 99%

See 1 more Smart Citation

Advanced Information Security Management Evaluation System

Jo¹,

Kim²,

Won³

2011

KSII TIIS

View full text Add to dashboard Cite

show abstract

Development of the Information Security Methodology for Defense Organization

Cho¹,

Choi²,

Park³

et al. 2013

Journal of the Korea society of IT services

View full text Add to dashboard Cite

As Cyber threats are rising, the scope of information Security (IS) is extending from technical protection of a single information system to organizational comprehensive IS capability. The ministry of National Defense (MND) has established the IS evaluation for defense organization in 'the Directive for Defense Informatization Affairs.' However, no information about an evaluation method, process and organization is provided. We surveyed information security management system (ISMS) and related best practices in public sector and other countries, and analysed the military information security affairs. Thus, this paper recommends the IS evaluation method and process. The trial IS evaluation is in progress this year and the MND will expand this IS evaluation to the entire organization.

show abstract

A Study on Development of Information Security Evaluation Model

Cited by 2 publications

References 0 publications

Advanced Information Security Management Evaluation System

Advanced Information Security Management Evaluation System

Development of the Information Security Methodology for Defense Organization

Contact Info

Product

Resources

About