DocumentCode :
2564644
Title :
Physical and Logical Security management organization model based on ISO 31000 and ISO 27001
Author :
Peciña, Koldo ; Estremera, Ricardo ; Bilbao, Alfonso ; Bilbao, Enrique
Author_Institution :
S21Sec, Alcobendas, Spain
fYear :
2011
fDate :
18-21 Oct. 2011
Firstpage :
1
Lastpage :
5
Abstract :
This paper describes both the necessity of Physical and Logical Security management convergence and the difficulty of implementing it, due to the different organization models in most of the corresponding Security departments in enterprises and Administration organisms. This paper presents a methodology that makes it possible to comply with the ISO 31000 standard (for physical security) and ISO 27001 standard (for logical security) methodologies, analyzing both information and physical assets simultaneously. This paper presents an organization model proposal based on the ISO 31000 standard (for physical security) and the ISO 27001 standard (for logical security), and it integrates both models in the same company, making it possible to comply with both standards. The paper includes the proposed document structure for the model and a practical example of application.
Keywords :
ISO standards; organisational aspects; security of data; ISO 27001 standard; ISO 31000 standard; administration organisms; document structure; information assets; logical security management organization model; physical assets; physical security management organization model; security departments; ISO standards; Organizations; Risk management; Security; Standards organizations; 18; 20; 21; ISO 27001; ISO 31000. Topics: 4; Physical and Logical Security convergence; Risk Analysis; Risk Management;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Security Technology (ICCST), 2011 IEEE International Carnahan Conference on
Conference_Location :
Barcelona
ISSN :
1071-6572
Print_ISBN :
978-1-4577-0902-9
Type :
conf
DOI :
10.1109/CCST.2011.6095894
Filename :
6095894