Characteristics and Implementation of ISO/IEC 27001 : 2013 Information Security Management System

Korean title: Characteristics and Application of the ISO/IEC 27001:2013 Information Security Management System

  • Received : 2014.02.18
  • Accepted : 2014.05.09
  • Published : 2014.06.25

Abstract

Demand for risk analysis and information security from companies and agencies that operate information systems is increasing. ISO/IEC 27001 was established by the ISO (International Organization for Standardization) and the IEC (International Electrotechnical Commission), and it is the authoritative international standard for an ISMS (Information Security Management System). This paper reviews how the ISO/IEC 27001 ISMS requirements were established and subsequently improved, and explains the significant changes from ISO/IEC 27001:2005 to ISO/IEC 27001:2013, focusing on the reasons for the revision. Additionally, the paper presents a case study to aid understanding of ISO/IEC 27001:2013 implementation.
