Modeling the information security management system (ISMS) of a medical organization

Abstract: The implementation of information security systems is one of the main components, without which the existence of any modern medical institution is impossible. This question is actual for the healthcare industry. This is confirmed by the presence of large-scale measures that are being implemented as part of the Russian Federation’s healthcare modernization program. But the result of informatization is not always achieved easily and successfully. This process includes the equipment of the technical support of th… Show more

“…(2021) discovered that firms, particularly small and medium-sized ones, frequently fail to implement IS standards because of high costs and a lack of proof that the advantages outweigh the disadvantages. Previous research by Safonova and Kotelnikov (2020) established that modern ISMS practices are based on the international standard ISO/IEC 27001, which is supported by Fonseca-Herrera et al (2021), who state that the international standard ISO/IEC 27001 is the leading standard of the ISO 27000 series and contains the ISMS requirements. Another study by Muhamad Khairulnizam et al (2020) determined ISO/IEC 27001 (2005, 2013 and ISO.org (2013) to be the most complete and widely accepted ISM standards.…”

“…Likewise, their research revealed that by using ISMS, organizations can benefit financially, which helps corporate reputation and branding. According to Safonova and Kotelnikov (2020), the prior version of ISMS emphasized the Plan-Do-Check-Act (PDCA) management approach; however, the recent version of ISMS does not. Additionally, Nurazean et al ( 2021) discovered several benefits of ISMS, including the ability to focus on proactive measures, reducing client audit requirements, resulting in fewer incidents and service disruption, less resource spent on finding new customers and investors, greater productivity, increasing the effectiveness of incident response management, resulting in less time and money spent on damage limitation measures, a better understanding of business information processes, and reassuring customers.…”

“…The research findings indicate that ISMS implementation, following the PDCA management approach, assures comprehensive and effective data protection. Safonova and Kotelnikov (2020) emphasize the importance of policy management and ISMS execution. Additionally, Fonseca-Herrera et al (2021) assert that incorporating the ISO/IEC 27001 standard into ISMS-implemented data protection…”

Implementation of Information Security Management Systems for Data Protection in Organizations: A systematic literature review

“…(2021) discovered that firms, particularly small and medium-sized ones, frequently fail to implement IS standards because of high costs and a lack of proof that the advantages outweigh the disadvantages. Previous research by Safonova and Kotelnikov (2020) established that modern ISMS practices are based on the international standard ISO/IEC 27001, which is supported by Fonseca-Herrera et al (2021), who state that the international standard ISO/IEC 27001 is the leading standard of the ISO 27000 series and contains the ISMS requirements. Another study by Muhamad Khairulnizam et al (2020) determined ISO/IEC 27001 (2005, 2013 and ISO.org (2013) to be the most complete and widely accepted ISM standards.…”

“…Likewise, their research revealed that by using ISMS, organizations can benefit financially, which helps corporate reputation and branding. According to Safonova and Kotelnikov (2020), the prior version of ISMS emphasized the Plan-Do-Check-Act (PDCA) management approach; however, the recent version of ISMS does not. Additionally, Nurazean et al ( 2021) discovered several benefits of ISMS, including the ability to focus on proactive measures, reducing client audit requirements, resulting in fewer incidents and service disruption, less resource spent on finding new customers and investors, greater productivity, increasing the effectiveness of incident response management, resulting in less time and money spent on damage limitation measures, a better understanding of business information processes, and reassuring customers.…”

“…The research findings indicate that ISMS implementation, following the PDCA management approach, assures comprehensive and effective data protection. Safonova and Kotelnikov (2020) emphasize the importance of policy management and ISMS execution. Additionally, Fonseca-Herrera et al (2021) assert that incorporating the ISO/IEC 27001 standard into ISMS-implemented data protection…”

Implementation of Information Security Management Systems for Data Protection in Organizations: A systematic literature review