Towards an Integrated Management System (IMS), harmonizing the ISO/IEC 27001 and ISO/IEC 20000-2 standards
| Autor: | César Pardo, Félix García, Francisco J. Pino |
|---|---|
| Rok vydání: | 2016 |
| Předmět: |
021103 operations research
Process management Computer science business.industry 05 social sciences IT service management 0211 other engineering and technologies Information technology Harmonization 02 engineering and technology Information security Modular design Work (electrical) 0502 economics and business ISO/IEC 20000 business 050203 business & management Software Integrated management |
| Zdroj: | International Journal of Software Engineering and Its Applications. 10:217-230 |
| ISSN: | 1738-9984 |
| DOI: | 10.14257/ijseia.2016.10.9.18 |
| Popis: | In recent times, and in order to maintain an integrated, efficient and homogeneous policy, Integrated Management Systems (IMS) have emerged as an opportunity to improve processes related to Information Technology (IT) in organizations in a way that is modular, consistent and orderly. The ISO 27001 and ISO 20000 standards provide good practices for creating and/or strengthening management infrastructure whose purpose is information security and IT services. In an attempt to provide information on how these standards are related, as well as to facilitate their integration under a single IMS, this article presents the harmonization strategy and results of the harmonization of standards ISO 27001 and ISO 20000 in an organization. The work thereby supports organizations which are interested in knowing how to carry out the harmonization of these models. It also provides a detailed analysis of their similarities and differences, showing an example of how to carry out the integration of related practices between ISO 27001 and ISO 20000-2. In addition, some benefits achieved by the organization are presented. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|