Applying ISO 17799:2005 in information security management

International Journal of Services and Standards

Volumn 3, Issue 3, 2007, Pages 352-373

  Lee, Ming Chang ^a   Chang, To ^b  

^a FOOYIN UNIVERSITY   (Taiwan)

^b SHU TE UNIVERSITY   (Taiwan)

Author keywords

Information security management; Information security management system; ISO 17799:2005; Risk management; Security management

Indexed keywords

EID: 34547121214     PISSN: 17408849     EISSN: 17408857     Source Type: Journal    
DOI: 10.1504/IJSS.2007.013754     Document Type: Article

References (23)

1. Ali, H.A. (2005) 'A new approach for building secure applications based on internal infrastructure, Int. J Computer Applications in Technology, Vol. 24, pp. 144-155.
2. Becker, S.A. (2004) 'A usability study of internet privacy policies for state and commercial website', Int. J. Service and Standards, Vol. 1, pp.52-68.
3. BSI, BS 7799-1 (1999a) 'Information Security Management Part 1: Code of Practice for Information Security Management System', British Security Institute: UK.
4. BSI, BS 7799-2 (1999b) 'Information Security Management Part 2: Specification for Information Security Management System', British Security Institute: UK.
5. Carlson, T. (2001) INS whitepaper (International Network Service Inc.), Information security Management: Understandini; ISO 17799, October.
6. Carter, D.L. and Katz, A.J. (1996) 'Computer crime and security: the perceptions and experiences of corporate security directors', Security Journal, Vol. 7, pp. 101-108.
7. Chen, YS., Chong, P.P. and Zhang, B. (2004) 'Cyber security management and e-government', Electronic Government, an International Journal, Vol. 1, pp.316-327.
8. Finne, T. (1996) 'The information security chain in a company', Computer and Seeurity, Vol. 15, pp.297-316.
9. ISM (Information security management), Account and Password Management Policy Version 1.4, 03/2004, University of Auckland, New Zealand. Available at: http://www.auckland.ac.nz/security/policies and statutes.htm
10. ISO (2005) Information technology - Security Techniques Code of Practice for Information Security Management, ISO 1799:2005(E).
11. ISO (2000) Information technology, - Securitv Techniques Code of Practice.1br Information Security Management, ISO 1799:2000(E).
12. Kim, Y. and Kim, Y (1999) Critical IS issues in the network Era', Information Resources Management Journal, Vol. 99, pp. 14-23.
13. Lewis, B.R. and Byrd, T.A. (2003) 'Development of a measure for the information technology infrastructure construct', European Journal of Information Systems, Vol. 12, pp.93-109.
14. NSTISSI (National Security Telecommunications and Information Systems Security Instruction) (1999) No. 4009, January.
15. Poslad, S., Tan, J.J., Huang, X. and Zuo, L. (2005) 'Middleware for semantic-based security and safety management of open services', Int. J Web and Grid Services, Vol. 1, pp.305-327.
16. Post, G. and Kagan, A. (2000) 'Management tradeoffs in anti-virus strategies', Information and Management, Vol. 37, pp. 13-24.
17. Qureshi, A.A. and Siegel, J.G. (2001) 'Information security and data protection', Int. J Computer Applications in Technology, Vol. 14, pp. 1-16.
18. Scott, M., Action, T. and Hughes, M. (2005) 'An assessment of biometric identities as a standard for e-govem ment services', Int. J. Service and Standards, Vol. 1, pp.271-286.
19. Seetharaman, A., Sreenivasan, J. and Murugeson, M. (2006) 'Electronic data interchange and financial electronic data interchange: threats and opportunities for financial accounting', Int. J. Services and Standards, Vol. 2, pp. 137-153.
20. Shin, S.C. and Wen, H.J. (2005) 'Integrated e-enterprise security design and implementation: a case study of e-service in Supply chain management', Int. J Electronic Business, Vol. 3, pp. 154-173.
21. Shin, D.H., Huang, S.Y and Lin, B. (2006) Linking secure reverse auction with web service', Int. J. Services and Standard, Vol. 2, pp. 15-31.
22. Smith, A.D. (2005) 'Exploring the acceptability of biometrics and fingerprint technologies', Int. J Services andStandards, Vol. 1, pp.453-481.
23. Zviran, M. and Haga, WJ. (1999) 'Password security; an empirical study', Journal of Managrement Information Systems, Vol. 15, pp. 161-185.