TY - JOUR
T1 - Methodology for Dynamic Analysis and Risk Management on ISO27001
AU - Santos Olmo Parra, Antonio
AU - Sanchez Crespo, Luis Enrique
AU - Alvarez, Esther
AU - Huerta, Monica
AU - Fernandez Medina Paton, Eduardo
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/6
Y1 - 2016/6
N2 - The information society is increasingly dependent Information Systems Security Management (ISMS) and knowledge of the security risks associated with its assets value. However, very few risk analysis methodologies have been raised as to create systems to analyze risks in a quick and economical, and which in turn can leave this system dynamically update. This paper presents a new methodology, called MARISMA, aimed at carrying out a risk analysis simplified and dynamic, which is valid for all companies, including SMEs, and to provide solutions to the problems identified during the application of the scientific method «Action Research». This methodology is being applied directly to real cases, thus achieving a constant improvement of its processes.
AB - The information society is increasingly dependent Information Systems Security Management (ISMS) and knowledge of the security risks associated with its assets value. However, very few risk analysis methodologies have been raised as to create systems to analyze risks in a quick and economical, and which in turn can leave this system dynamically update. This paper presents a new methodology, called MARISMA, aimed at carrying out a risk analysis simplified and dynamic, which is valid for all companies, including SMEs, and to provide solutions to the problems identified during the application of the scientific method «Action Research». This methodology is being applied directly to real cases, thus achieving a constant improvement of its processes.
KW - Cibersecurity
KW - Information Systems Security Management
KW - ISMS
KW - ISO27001
KW - ISO27002
KW - ISO27005
KW - Magerit
KW - Risk Analysis
KW - SME
UR - http://www.scopus.com/inward/record.url?scp=84986216582&partnerID=8YFLogxK
U2 - 10.1109/TLA.2016.7555273
DO - 10.1109/TLA.2016.7555273
M3 - Article
AN - SCOPUS:84986216582
SN - 1548-0992
VL - 14
SP - 2897
EP - 2911
JO - Ieee Latin America Transactions
JF - Ieee Latin America Transactions
IS - 6
M1 - 7555273
ER -