Title :
On an Integration of an Information Security Management System into an Enterprise Architecture
Author :
Hensel, Veselina ; Lemke-Rust, Kerstin
fDate :
Aug. 30 2010-Sept. 3 2010
Abstract :
This paper presents a new approach for the integration of an Information Security Management System (ISMS), defined by the international standard ISO/IEC 27001, into an Enterprise Architecture (EA). Such an approach establishes a basis for comprehensive ISMS that reflects the entire security needs of an enterprise organization. Starting from the ISO/IEC 27001 standard, the suitability of established enterprise architectures was evaluated in a first step. As result, the approach of Braun to Business Engineering was chosen. Starting from the strategic level, we show how an ISMS can be realized in Braun´s enterprise modeling scheme.
Keywords :
business data processing; security of data; standards; Braun enterprise modeling scheme; business engineering; comprehensive ISMS; enterprise architecture; information security management system; international standard ISO/IEC 27001; IEC standards; ISO standards; Information security; Organizations; Business Engineering; Enterprise Architecture; ISO/IEC 27001; Information Security Management System;
Conference_Titel :
Database and Expert Systems Applications (DEXA), 2010 Workshop on
Conference_Location :
Bilbao
Print_ISBN :
978-1-4244-8049-4
DOI :
10.1109/DEXA.2010.75
