Using ISO 17799: 2005 information security management: a STOPE view with six sigma approach
✍ Scribed by Mohammad Saad Saleh; Abdullah Alrabiah; Saad Haj Bakry
- Publisher: John Wiley and Sons
- Year: 2007
- Language: English
- File size: 106 KB
- Volume: 17
- Category: Article
- ISSN: 1055-7148
- DOI: 10.1002/nem.616
✦ Synopsis
Abstract
This paper is concerned with supporting the use of ISO 17799: 2005 information security management standard for the purpose of providing a ‘common safe environment’ for information services. The paper introduces a STOPE view of the standard, integrating its parts and protection measures around the basic domains of ‘strategy, technology, organization, people, and environment’. The paper also presents an approach for the application of the standard, considering the STOPE view, in a way that emphasizes continuous improvement. The phases of the approach are based on the phases of six sigma DMAIC approach of ‘define, measure, analyze, improve, and control’; the team proposed for the implementation of the work is also based on six sigma principles. The paper concludes with some suggestions for future related and needed work. Copyright © 2006 John Wiley & Sons, Ltd.