This thesis focuses on automation of processes of Information Security
Management System. In accordance with two International Standards, ISO/IEC
27001:2005 and ISO/IEC 17799:2005, to automate the activities required for a
documented ISMS as much as possible helps organizations. Some of the well
known tools in this scope are analyzed and a comparative study on them including
&ldquo / InfoSec Toolkit&rdquo / , which is developed for this purpose in the thesis scope, is given.
&ldquo / InfoSec Toolkit&rdquo / is based on ISO/IEC 27001:2005 and ISO 17799:2005. Five
basic integrated modules constituting the &ldquo / InfoSec Toolkit&rdquo / are &ldquo / Gap Analysis
Module&rdquo / , &ldquo / Risk Module&rdquo / , &ldquo / Policy Management Module&rdquo / , &ldquo / Monitoring Module&rdquo / and &ldquo / Query and Reporting Module&rdquo / . In addition a research framework is proposed
in order to assess the public and private organizations&rsquo / information security
situation in Turkey.
| Identifer | oai:union.ndltd.org:METU/oai:etd.lib.metu.edu.tr:http://etd.lib.metu.edu.tr/upload/12607783/index.pdf |
| Date | 01 September 2006 |
| Creators | Erkan, Ahmet |
| Contributors | Arifoglu, Ali |
| Publisher | METU |
| Source Sets | Middle East Technical Univ. |
| Language | English |
| Detected Language | English |
| Type | M.S. Thesis |
| Format | text/pdf |
| Rights | To liberate the content for public access |
Page generated in 0.0019 seconds