Practical Shortcoming in Implementation of Information Security Management Systems

  • Prof. (Dr.) Deepak Jain, Amity College, Florida, USA
  • Dr. Alpana Kakkar, Amity University, Noida, India
  • Ritu Punhani, Amity University, Noida, India
  • Prof. S. Madan
Keywords: Information Security, ISMS, ISO270001

Abstract

Information security has been a global issue and challenge for many years. Protecting an organization's vital information has always been a huge challenge, as millions of intruders make continuous efforts to gain access to it. Information, whether stored in physical form on paper or in electronic form on computers, is the most critical element of any successful business, and its high value makes it a focused target of intruders. Organizational data faces threats from both external and internal factors, so it is no surprise that organizations implement security measures for their data assets on their premises and networks. Companies spend huge effort, time, and money on the security of their crucial data and make the best possible efforts to keep it confidential and private, yet they still face losses in many places due to the limitations of their security systems.
This white paper highlights some of the most common practical shortcomings in the security systems of companies.

Published
2019-12-08