| 报告题名: | ISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System |
| 作者: | Beckers, Kristian; Heisel, Maritta; Solhaug, Bjørnar; Stølen, Ketil
|
| 出版者: | SINTEF
|
| 出版年: | 2013
|
| 发表日期: | 2013
|
| 国家: | 挪威
|
| 语种: | 英语
|
| 英文摘要: | Realizing security and risk management standards may be challenging, partly because the descriptions of what to realize are often generic and have to be refined by security experts. Removing this ambiguity is time intensive for security experts, because the experts have to interpret all the required tasks in the standard on their own. In our previous work we showed how to use security requirements engineering methods for the development and documentation of the ISO 27001 security standard. In this paper we (i) create an extension of the CORAS methodology for risk management that supports the ISO 27001 standard, (ii) validate the method via comparing its resulting artifacts to the artifacts of an industrial ISO 27001 application, and (iii) discuss the advantages of our method compared to the industrial state-of-the-art. We apply our method to a smart grid scenario provided by the industrial partners of the NESSoS project. Oppdragsgiver: European Commission |
| URL: | https://brage.bibsys.no/xmlui/bitstream/handle/11250/2432316/SINTEF%2bA25626.pdf?sequence=2&isAllowed=y
|
| 资源类型: | 研究报告
|
| 标识符: | http://119.78.100.158/handle/2HF3EXSE/28805
|
| Appears in Collections: | 过去全球变化的重建
影响、适应和脆弱性
科学计划与规划
气候变化与战略
全球变化的国际研究计划
气候减缓与适应
气候变化事实与影响
|
| File Name/ File Size |
Content Type |
Version |
Access |
License |
|
|---|
| SINTEF+A25626.pdf(1301KB) | 研究报告 | -- | 开放获取 | | View
Download
|
|
| Recommended Citation: | |
Beckers, Kristian,Heisel, Maritta,Solhaug, Bjørnar,et al. ISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System. 2013-01-01.
|
|
|