• DocumentCode
    633019
  • Title

    Influence of established information security governance and infrastructure on future security certifications

  • Author

    Sedinic, Ivan ; Lovric, Zrinka

  • Author_Institution
    Data & IT-NT Security Work Unit, Croatian Telecom, Zagreb, Croatia
  • fYear
    2013
  • fDate
    20-24 May 2013
  • Firstpage
    1111
  • Lastpage
    1115
  • Abstract
    In today business environment different security certificates are not any more “nice to have” feature but business prerequisite for service providers. PCI DSS certification is a must for card issuers and merchants and ISO27001 certification is very often prerequisite to qualify for ICT services offering. In this paper will be shown how proper security governance and security framework on which is built adequate security infrastructure could simplify and speed up certification process, while at the same time reduce cost of certification. Additionally, on examples of ISO27001 and PCI DSS, influence of one existing certificate on certification process for other certificate will be analyzed.
  • Keywords
    ISO standards; certification; security of data; smart cards; ICT services; ISO27001 certification; PCI DSS certification; business environment; certification cost reduction; information security governance; payment card industry data security standard; security certification infrastructure; security framework; service providers; Certification; Companies; Decision support systems; IEC standards; ISO standards; Information security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information & Communication Technology Electronics & Microelectronics (MIPRO), 2013 36th International Convention on
  • Conference_Location
    Opatija
  • Print_ISBN
    978-953-233-076-2
  • Type

    conf

  • Filename
    6596423
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=633019