You are currently browsing the archives for November, 2015.

Alternativni model primjene ISO/IEC 27001

November 18, 2015 // Posted in ICT sigurnost  |  Comments Off on Alternativni model primjene ISO/IEC 27001

Zanimljiv članak o poveznici procjene rizika po standardu ISO 27001:2005 i primjeni kontrola Aneksa A tog standarda – Dr. David Brewer FBCS, Dr. Michael Nash FBCS: “Insights into the ISO/IEC 27001 Annex A”.

Abstract: ISO/IEC 27001 is a specification for an Information Security Management System (ISMS). It contains an annex, Annex A, which catalogues a wide range of controls and other measures relevant to information security. At first view, it appears that all an organisation has to do is select the controls that it believes that it needs from this catalogue. However, there is a requirement to carry out a risk assessment. The purpose of this is to identify the controls that are actually required. Over the years arguments have raged between the users of ISO/IEC 27001as to the relative importance and relationship between these two requirements. This paper reports on research carried out by Gamma Secure Systems Limited (Gamma) over the period January 2007 to December 2010 to investigate the relationship between these two requirements. We discover that if an organisation wishes merely to ensure coverage of the Annex A controls then the scope of the risk assessment is highly constrained. Indeed, we discover that it is possible to generate a small set of templates that once completed will fulfil the risk assessment requirements of the standard and guarantee coverage of the Annex A controls, whilst not necessarily providing a risk assessment that adequately addresses the organisation’s real exposure.

Cijelom članku možete pristupiti putem ove poveznice.

Tehnologija i investitori – Internet of Things

November 8, 2015 // Posted in ICT tehnologije  |  Comments Off on Tehnologija i investitori – Internet of Things

null

Radionica “Sigurnost elektroničkog poslovanja” na Ekonomskom fakultetu u Rijeci – doc.dr.sc. Saša Aksentijević

November 5, 2015 // Posted in Članci/konferencije/predavanja  |  Comments Off on Radionica “Sigurnost elektroničkog poslovanja” na Ekonomskom fakultetu u Rijeci – doc.dr.sc. Saša Aksentijević

21.10.2015. i 04.11.2015. održane su dvije vrlo posjećene radionice na Ekonomskom fakultetu u Rijeci pod naslovom “Sigurnost elektroničkog poslovanja”.

Predavač je bio doc.dr.sc. Saša Aksentijević, stalni sudski vještak za informatiku i telekomunikacije i direktor poduzeća “Aksentijević vještačenje i savjetovanje, d.o.o.”.