IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

ISMS Building for SMEs through the Reuse of Knowledge

ISMS Building for SMEs through the Reuse of Knowledge
View Sample PDF
Author(s): Luís Enrique Sánchez (SICAMAN NT, Spain), Antonio Santos-Olmo (SICAMAN NT, Spain), Eduardo Fernandez-Medina (University of Castilla-La Mancha, Spain)and Mario Piattini (University of Castilla-La Mancha, Spain)
Copyright: 2013
Pages: 26
Source title: Small and Medium Enterprises: Concepts, Methodologies, Tools, and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
DOI: 10.4018/978-1-4666-3886-0.ch022

Purchase

View ISMS Building for SMEs through the Reuse of Knowledge on the publisher's website for pricing and purchasing information.

Abstract

The information society is increasingly more dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has become crucial to the evolution of Small and Medium-size Enterprises (SMEs). However, this type of companies requires ISMSs which have been adapted to their specific characteristics, and these systems must be optimized from the point of view of the resources necessary to deploy and maintain them. Over the last 10 years, the authors have obtained considerable experience in the establishment of ISMSs, and during this time, they have observed that the structure and characteristics of SMEs as regards security management are frequently very similar (since they can all be grouped by business size and sector), thus signifying that it is possible to construct patterns for ISMSs that can be reused and refined. In this chapter, the authors present the strategy that they have designed to manage and reuse security information in information system security management. This strategy is framed within a methodology designed for integral security management and its information systems maturity, denominated as “Methodology for Security Management and Maturity in Small and Medium-size Enterprises (MSM2-SME),” and it is defined in a reusable model called “Reusable Pattern for Security Management (RPSM),” which systematically defines, manages, and reuses the aforementioned methodology through a sub-process denominated as “Generation of Security Management Patterns (GSMP).” This model is currently being applied in real cases, and is thus constantly improving.

Related Content

Rehmat Shah, Rana Yassir Hussain, Hira Irshad. © 2024. 21 pages.
Malik Waqar Ahmed, Haroon Hussain, Hammad Hassan Mirza, Ghulam Ali Bhatti. © 2024. 17 pages.
Burak Nedim Aktaş. © 2024. 23 pages.
Rani Jha, Sidharth Mishra, Avinash Sharma. © 2024. 15 pages.
Tugçe Şimşek, Ahmet Bahadır Şimşek. © 2024. 25 pages.
George Kassar. © 2024. 15 pages.
Andi Cudai Nur, Komal Khalid. © 2024. 19 pages.
Body Bottom