On the Inter-dependence of Security Controls of ISO/IEC 27002:2005
Published: 2011
Author(s) Name: Anil K. Kaushik, Anirban Sengupta, Chandan Mazumdar, P. Banerjee
Locked
Subscribed
Available for All
Abstract
An enterprise is viewed as a collection of assets and their
interrelationships. These assets contain vulnerabilities,
which may be exploited by threats to breach information
security aspects of enterprises. In order to prevent this,
security controls need to be implemented. ISO/IEC
27002:2005 is a widely accepted security standard that
contains details of enterprise security controls. These
controls are inter-dependent. The present study proposes a
model of control-dependence for ISO/IEC 27002.
Keywords: Enterprise Information Security, Security controls, Control dependence, Risk Management, ISO/IEC
27002
View PDF