Conferences in Research and Practice in Information Technology
  

Online Version - Last Updated - 20 Jan 2012

 

 
Home
 

 
Procedures and Resources for Authors

 
Information and Resources for Volume Editors
 

 
Orders and Subscriptions
 

 
Published Articles

 
Upcoming Volumes
 

 
Contact Us
 

 
Useful External Links
 

 
CRPIT Site Search
 
    

We wish you a happy and safe holiday season and all the best for 2025


Implementing the ISO/IEC 17799 standard in practice - experiences on audit phases

Wiander, T.

    This paper introduces implementation experiences on the ISO/IEC 17799 standard. The early implementation phase showed that there was resistance to change. The study revealed that lack of information was the root cause on that. Solution for this problem is proactive communications and use of internal advocates. All interviewees shared the same view that the ISO/IEC 17799 fits well with the existing organisation culture, and even changed it to a more security conscious one. The audit phase suggested that the audit mainly supported well organisations processes and the organisations got feedback beyond audit. After the implementation phase the workload was diminished and maintenance mode was mainly seen as reasonable.
Cite as: Wiander, T. (2008). Implementing the ISO/IEC 17799 standard in practice - experiences on audit phases. In Proc. Sixth Australasian Information Security Conference (AISC 2008), Wollongong, NSW, Australia. CRPIT, 81. Brankovic, L. and Miller, M., Eds. ACS. 115-119.
pdf (from crpit.com) pdf (local if available) BibTeX EndNote GS
 

 

ACS Logo© Copyright Australian Computer Society Inc. 2001-2014.
Comments should be sent to the webmaster at crpit@scem.uws.edu.au.
This page last updated 16 Nov 2007