Implementing the ISO/IEC 17799 standard in practice - experiences on audit phases
Wiander, T.
This paper introduces implementation experiences with the ISO/IEC 17799 standard. The early implementation phase showed that there was resistance to change. The study revealed that lack of information was the root cause of that. The solution to this problem is proactive communication and the use of internal advocates. All interviewees shared the same view that ISO/IEC 17799 fits well with the existing organisation culture, and even changed it to a more security-conscious one. The audit phase suggested that the audit mainly supported the organisations' processes well and that the organisations got feedback beyond the audit. After the implementation phase the workload diminished, and maintenance mode was mainly seen as reasonable.
Cite as: Wiander, T. (2008). Implementing the ISO/IEC 17799 standard in practice - experiences on audit phases. In Proc. Sixth Australasian Information Security Conference (AISC 2008), Wollongong, NSW, Australia. CRPIT, 81. Brankovic, L. and Miller, M., Eds. ACS. 115-119.