Sandro Gerić, Željko Hutinski: Managing the security of the information system

MIPRO 28th International Convention, Proceedings of Information System Security, Opatija, 2005, pp. 175-191.

Abstract:
The development and increasing importance of information systems (IS) and their resources in business organizations emphasize the vulnerability of information systems and the potential losses for business organizations caused by events that threaten information system security, such as unauthorized intrusion into an information system or theft of information system resources. The paper addresses the problem of information system security management through risk assessment and the use of international standards like ISO17799 and BS7799. This problem is then described as a process of information system security management, with its phases and the measures necessary to ensure the security of the information system and its resources.

Keywords: ISO17799, security risk management, security management.