ISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System

GSTDTAP > 气候变化

	ISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System
	Beckers, Kristian; Heisel, Maritta; Solhaug, Bjørnar; Stølen, Ketil
	2013
出版年	2013
语种	英语
国家	挪威
出版者	SINTEF
领域	气候变化
英文摘要	Realizing security and risk management standards may be challenging, partly because the descriptions of what to realize are often generic and have to be refined by security experts. Removing this ambiguity is time intensive for security experts, because the experts have to interpret all the required tasks in the standard on their own. In our previous work we showed how to use security requirements engineering methods for the development and documentation of the ISO 27001 security standard. In this paper we (i) create an extension of the CORAS methodology for risk management that supports the ISO 27001 standard, (ii) validate the method via comparing its resulting artifacts to the artifacts of an industrial ISO 27001 application, and (iii) discuss the advantages of our method compared to the industrial state-of-the-art. We apply our method to a smart grid scenario provided by the industrial partners of the NESSoS project. Oppdragsgiver: European Commission
URL	查看原文
来源平台	Center for International Climate and Environmental Research-Oslo (CICERO)
文献类型	科技报告
条目标识符	http://119.78.100.173/C666/handle/2XK7JSWQ/1840
专题	气候变化
推荐引用方式 GB/T 7714	Beckers, Kristian,Heisel, Maritta,Solhaug, Bjørnar,et al. ISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System:SINTEF,2013.