TY - GEN
T1 - Framework for the optimal design of an information system to diagnostic the enterprise security level and management the information risk based on ISO/IEC-27001
AU - Kanter-Ramirez, Christopher A.
AU - Lopez-Leyva, Josue A.
AU - Beltran-Rocha, Lucia
AU - Ferková, Dominica
PY - 2020
Y1 - 2020
N2 - This paper presents the framework for the optimized development of a digital platform based on ISO/IEC-27001 with the objective of making an initial diagnosis regarding the informatics security level in any company. In addition, the optimization process considers that the diagnostic results should be clear and direct, to make fast security risk mitigation possible. In particular, the optimization process is based on the analysis of a conventional Management Information System framework in order to propose a novel customized framework for ISO/IEC-27001 applications. Thus, an optimized Management Information System is proposed, which is the basis of the optimized digital platform. As preliminary results, the reduction of the elements needed for the initial diagnosis of informatics security promotes the simplicity of the application and thus increases the possibility of applying ISO/IEC-27001 to a greater number of users, which means that cybersecurity is promoted.
AB - This paper presents the framework for the optimized development of a digital platform based on ISO/IEC-27001 with the objective of making an initial diagnosis regarding the informatics security level in any company. In addition, the optimization process considers that the diagnostic results should be clear and direct, to make fast security risk mitigation possible. In particular, the optimization process is based on the analysis of a conventional Management Information System framework in order to propose a novel customized framework for ISO/IEC-27001 applications. Thus, an optimized Management Information System is proposed, which is the basis of the optimized digital platform. As preliminary results, the reduction of the elements needed for the initial diagnosis of informatics security promotes the simplicity of the application and thus increases the possibility of applying ISO/IEC-27001 to a greater number of users, which means that cybersecurity is promoted.
KW - ISO/IEC-27001
KW - Optimal design
KW - Security level
UR - http://www.scopus.com/inward/record.url?scp=85089617231&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-52856-0_1
DO - 10.1007/978-3-030-52856-0_1
M3 - Conference contribution
AN - SCOPUS:85089617231
SN - 9783030528553
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
SP - 3
EP - 13
BT - Cyber Security and Computer Science - 2nd EAI International Conference, ICONCS 2020, Proceedings
A2 - Bhuiyan, Touhid
A2 - Rahman, Md. Mostafijur
A2 - Ali, Md. Asraf
PB - Springer
T2 - 2nd International Conference on Computer Science and Cyber Security, ICONCS 2020
Y2 - 15 February 2020 through 16 February 2020
ER -