Information security risk management model: A state of the art review
Descripción del Articulo
Both public and private organizations are going through dynamic scenarios with the emergence and inrush of new information technologies, making an increasingly intensive use of information. When analyzing the processes and interrelationships of these organizations with the information resources they...
| Autor: | |
|---|---|
| Formato: | artículo |
| Fecha de Publicación: | 2020 |
| Institución: | Universidad Nacional Mayor de San Marcos |
| Repositorio: | Revistas - Universidad Nacional Mayor de San Marcos |
| Lenguaje: | español |
| OAI Identifier: | oai:ojs.csi.unmsm:article/17103 |
| Enlace del recurso: | https://revistasinvestigacion.unmsm.edu.pe/index.php/rpcsis/article/view/17103 |
| Nivel de acceso: | acceso abierto |
| Materia: | Risk risk management information security ISO / IEC 27001 Riesgo gestión de riesgos seguridad de la información ISO 27001 |
| Sumario: | Both public and private organizations are going through dynamic scenarios with the emergence and inrush of new information technologies, making an increasingly intensive use of information. When analyzing the processes and interrelationships of these organizations with the information resources they access, it is essential to consider the new risks to which organizations are exposed. This requires developing risk management strategies that facilitate the analysis, identification and treatment of the risks associated with information assets in order to find ways to minimize the negative impact. In this scenario, the use of risk management models that simplify and systematize these tasks are useful. The present study includes a review of the literature referring to risk management frameworks, models and methodologies, to identify the activities, elements and components to develop for the development of a risk management model oriented to information security, which allows covering issues related to information security, cybersecurity and compliance with the particular requirements of the organization for the development of a model aligned to the needs and requirements of an organization. |
|---|
Nota importante:
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).
