The Use of BS7799 Information Security Standard to Construct Mechanisms for the Management of Medical Organization Information Security
| Autor: | Shu-Fan Liu, Hao-En Chueh, Kuo-Hsiung Liao |
|---|---|
| Rok vydání: | 2011 |
| Předmět: |
Knowledge management
Information security management Certified Information Security Manager Risk analysis (engineering) business.industry Standard of Good Practice Security convergence Security management Business Information security Asset (computer security) Security information and event management |
| Zdroj: | Communications in Computer and Information Science ISBN: 9783642181337 |
| Popis: | According to surveys, 80 % of security related events threatening information in medical organizations is due to improper management. Most research on information security has focused on information and security technology, such as network security and access control; rarely addressing issues at the management issues. The main purpose of this study is to construct a BS7799 based mechanism for the management of information with regard to security as it applies to medical organizations. This study analyzes and identifies the most common events related to information security in medical organizations and categorizes these events as high-risk, transferable-risk, and controlled-risk to facilitate the management of such risk. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|