Implementation of ISMS and its Practical Shortcomings

Ritu Punhani; Alpana Kakkar; Deepak Jain

doi:10.51611/iars.irj.v2i1.2012.19

Authors

Ritu Punhani Amity University, Noida, INDIA
Alpana Kakkar Amity University, Noida - INDIA
Deepak Jain HCL Technologies Limited - INDIA

DOI:

https://doi.org/10.51611/iars.irj.v2i1.2012.19

Keywords:

Information Security, ISMS

Abstract

Information security has been a global issue and challenge from many years. Protection of vital information of the organization has always been a huge challenge for all as millions of intruders put continuous efforts to get access to this information. The information whether stored in physical form on papers or in electronic form in computers, is the most critical element of any successful business and its high values make it the focused target of intruders. Organizational data face threats from external as well as internal factors of the organizations and there is no surprise that organizations implement security measures for their data assets in their premises and networks. Companies spend huge efforts, time, and money on the security of their crucial data and make best possible efforts to keep their data confidential and private yet face losses at many places due to limitations of their security systems. This white paper highlights some most common practical shortcomings in the security systems of the companies.

Downloads

Download data is not yet available.

Author Biography

Ritu Punhani, Amity University, Noida, INDIA

Assistant Professor,
Computer Science and Information Technology,
Amity University, Noida,
U.P., 201301, INDIA

References

Albert Caballero (2009), Computer and Information Security Handbook, Morgan Kaufmann Publications Elsevier Inc p. 232 ISBN 978-0-12-374354-1
An Introduction to BS7799, DOI: http://gtechindia.org/jsp/BS7799TrivandrumSPIN.ppt
Craig S Wright, SANS Darling Harbour (2005) Implementing an Information Security Management System (ISMS) Training process, Global Information Assurance Certification Paper taken from the GIAC directory of certified professionals, SANS Institute; DOI: http://www.giac.org/paper/g2700/39/implementing-information-security-management-system-isms-training-process/107335
History of 7799, DOI: http://www.gammassl.co.uk/bs7799/history.html
Inger Nordin (2003), Information Security Management System (ISMS) â€“ Introduction, DOI: http://www.ivpk.lt/dokumentai/prezentacijos/08%20Information%20Security%20Management%20System%20-%20Introduction.ppt
Inger Nordin (2003), Implementation of an ISMS - A process approach, DOI: http://www.ivpk.lt/dokumentai/prezentacijos/09%20Information%20Security20Management%20System%20-%20Implementatio.ppt
MAKINO Tsutomu (2012), How to Establish an ISMS Management Framework, JIPDEC , DOI: http://www.isms.jipdec.jp/en/isms/frame.html
Shamsuddin Abdul Jalil, Rafidah Abdul Hamid (2003),ISMS Pilot Program Experiences: Benefits, Challenges & Recommendations, DOI: http://www.cybersecurity.my/data/content_files/11/23.pdf
The National ICT Security and Emergency Response Centre (NISER) (2012), NISER'S ISMS PILOT PROGRAMME EXPERIENCES: COMMON SHORTCOMINGS IN ISMS IMPLEMENTATION, DOI: http://www.cybersecurity.my/data/content_files/11/24.pdf