Modern aspects of updating international standards of series ISO/IEC 27000
DOI:
https://doi.org/10.20535/2411-1031.2016.4.1.95921
Keywords:
Standards, standardization, information technology, information technology security techniques, information security management systems, technical committee.
Abstract
The paper presents and analyzes new information on modern aspects of the standardization of information technology security techniques. It covers the work of experts of the technical standardization committees on creating and updating the international standards for information security management systems, and gives an example of how experts standardize technical proposals and methods for solving information security problems on the basis of years of practice, as implemented in a series of international standards. It finds that the root cause of the technical standardization experts' intensive work on updating ISO/IEC 27000 was the update of ISO/IEC 9000. This work resulted in harmonizing the provisions of the ISO/IEC 27000 series standards, and the new work of the experts on information technology security techniques, with the fundamentals of management systems whose principles are laid down and announced by the latest standards. These principles are well known and constitute the methodological basis of international management system standards: the process approach, the PDCA cycle and risk-based thinking. According to the provisions of the revised standards, and of the standards that ISO will publish in the future, the process approach is the systematic identification and management of processes and their interactions so as to achieve the desired results in accordance with the established policies and strategic direction of the organization. Management of the processes and of the system as a whole can be achieved using the PDCA cycle with an overall emphasis on risk-based thinking, aimed at seizing opportunities and preventing undesirable results.
License
Copyright (c) 2020 Collection "Information technology and security"
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors published in this collection agree to the following terms:
- The authors retain the right to authorship of their work and grant the collection the right of first publication of this work, which is licensed under the Creative Commons Attribution License; this allows others to freely distribute the published work with the obligatory reference to the authors of the original work and to the first publication of the work in this collection.
- The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published in this anthology (for example, to place the work in an institution's digital repository or to publish it as part of a monograph), provided that reference is made to the first publication of the work in this collection.
- The policy of the journal allows and encourages authors to place the manuscript of the work on the Internet (for example, in storage facilities or on personal web sites), both prior to the submission of the manuscript to the editor and during its editorial processing, as this contributes to productive scientific discussion and has a positive effect on the efficiency and dynamics of citation of the published work (see The Effect of Open Access).