Preliminary study on ISMS ISO 27001:2013 implementation to government agencies in Malaysia
An information security management system (ISMS) is a systematic procedure while managing an organization's data. System admin applies ISMS in order to minimize risk and to ensure the continuity of their business if security threats happen to their company. The study shows that immature communi...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Conference or Workshop Item |
| Published: |
UTM AIS
2016
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/66674/ http://seminarparisais.wixsite.com/paris2016 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | An information security management system (ISMS) is a systematic procedure while managing an organization's data. System admin applies ISMS in order to minimize risk and to ensure the continuity of their business if security threats happen to their company. The study shows that immature communication between management and information security landscape is one of the problems contributing while doing risk assessment activity. This paper discusses preliminary study about the implementation of ISMS ISO 27001:2013 standards to government agencies in Malaysia. The study includes literature review and interview with MAMPU a sector lead to ensure government sectors certified with this standard. |
|---|