Collaborative risk method for information security management practices: A case context within Turkey

ÖZKAN YILDIRIM, SEVGİ; Karabacak, Bilge

doi:10.1016/j.ijinfomgt.2010.08.007

Collaborative risk method for information security management practices: A case context within Turkey

Atıf İçin Kopyala

ÖZKAN YILDIRIM S., Karabacak B.

INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT, cilt.30, sa.6, ss.567-572, 2010 (SSCI)

Yayın Türü: Makale / Tam Makale
Cilt numarası: 30 Sayı: 6
Basım Tarihi: 2010
Doi Numarası: 10.1016/j.ijinfomgt.2010.08.007
Dergi Adı: INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT
Derginin Tarandığı İndeksler: Social Sciences Citation Index (SSCI), Scopus
Sayfa Sayıları: ss.567-572
Anahtar Kelimeler: ISO/IEC 27001:2005, ISO/IEC 27002:2005, Information security, Risk analysis, Flow chart, Case process approach, Information security governance, SYSTEM
Orta Doğu Teknik Üniversitesi Adresli: Evet

Özet

In this case study, a collaborative risk method for information security management has been analyzed considering the common problems encountered during the implementation of ISO standards in eight Turkish public organizations. This proposed risk method has been applied within different public organizations and it has been demonstrated to be effective and problem-free. The fundamental issue is that there is no legislation that regulates the information security liabilities of the public organizations in Turkey. The findings and lessons learned presented in this case provide useful insights for practitioners when implementing information security management projects in other international public sector organizations. (C) 2010 Elsevier Ltd. All rights reserved.