Abstrakt

Risk Management for ISO 27005 Decision support

Hanane Bahtit, Boubker Regragui

The security of information systems focuses on raising the level of business security while aligning with its strategy and objectives. The family of ISO 2700x, whose theme is: Information technology - Security techniques, allows taking into account all of these security problems, by offering a pack of uniform and standards that respect the continuous improvement cycle PDCA. Being closely linked to the security of information systems, the risk management consists of assessing the uncertainty of the future to make the best decision possible today. Risk management and all decision processes fall within this problematic. The decision making on the Information security risk management requires taking into account an increasing amount of data of different types and qualities. As a result, risk managers increasingly use computers to provide powerful tools for decision support. The aim of this article is to make an overview of the ISO 2700x, focusing more particularly on the content of the ISO 27005 standard, dedicated to information security risk management. In this context, a UML modeling of the processes of ISO 27005 is presented as an improvement of this modeling by criteria and indicators that support the quality of decision making in various decision points. This is the vision of increasing the efficiency and effectiveness of decision making process.

Haftungsausschluss: Dieser Abstract wurde mit Hilfe von Künstlicher Intelligenz übersetzt und wurde noch nicht überprüft oder verifiziert

Indiziert in

Academic Keys
ResearchBible
CiteFactor
Kosmos IF
RefSeek
Hamdard-Universität
Weltkatalog wissenschaftlicher Zeitschriften
Gelehrter
International Innovative Journal Impact Factor (IIJIF)
Internationales Institut für organisierte Forschung (I2OR)
Kosmos

Mehr sehen