Welcome to the InfoSci Platform
Reference Hub1
Information Security Management Systems Cybernetics

Information Security Management Systems Cybernetics

Wolfgang Boehmer
Copyright: © 2012 |Pages: 22
ISBN13: 9781466601970|ISBN10: 1466601973|EISBN13: 9781466601987
DOI: 10.4018/978-1-4666-0197-0.ch013
Cite Chapter Cite Chapter

MLA

Boehmer, Wolfgang. "Information Security Management Systems Cybernetics." Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions, edited by Manish Gupta, et al., IGI Global, 2012, pp. 223-244. https://doi.org/10.4018/978-1-4666-0197-0.ch013

APA

Boehmer, W. (2012). Information Security Management Systems Cybernetics. In M. Gupta, J. Walp, & R. Sharman (Eds.), Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions (pp. 223-244). IGI Global. https://doi.org/10.4018/978-1-4666-0197-0.ch013

Chicago

Boehmer, Wolfgang. "Information Security Management Systems Cybernetics." In Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions, edited by Manish Gupta, John Walp, and Raj Sharman, 223-244. Hershey, PA: IGI Global, 2012. https://doi.org/10.4018/978-1-4666-0197-0.ch013

Export Reference

Mendeley
Favorite

Abstract

With the widespread dissemination of Information Technology in enterprises and households in the mid-90s, discussions began on how to manage it. Meanwhile, in the area of enterprise security management systems worldwide, enforced use of the Deming cycle initially worked against the implementation of policies. Standard management systems include ISMS (Information Security Management System) as specified in ISO 27001, BCM (Business Continuity Management System) as specified in BS 25999, and ITSM (Information Technology Service Management System) as specified in ISO 20000. In contrast to policies, these best-practice management systems continue to operate today with no formal method. Management systems have, however, some advantages that policies do not have. In this chapter, the authors present possible uses of policies with respect to management systems and identify potential applications. Furthermore, the authors present a field study, cited here, which highlights the advantages of management systems in practice. Moreover, this chapter shows how a formal description of an information security management system can be created by means of discrete-event systems theory and how an objective function for management systems can be defined.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.