Raport analizy ryzyka jako kluczowy element tworzenia polityki bezpieczeństwa informacji
Risk Analysis Report as a Key Element of the Creation of Information Security Policy – Individual Aspect
Author(s): Jerzy Stanik, Maciej KiedrowiczSubject(s): Economy, Business Economy / Management
Published by: Wydawnictwo Naukowe Uniwersytetu Szczecińskiego
Keywords: information security; security policy; risk analysis
Summary/Abstract: The authors present a proprietary approach to the process of creating and maintaining an infor-mation security policy in the organization. The proposed method of creating the Security Policy is comprehensive and easy to apply in practice. It is based on a life cycle of a security policy whose start-up phase is preparatory work carried out quite rarely and on demand, while the regular stage is work performed cyclically – the PDCA model. Within each cycle, the following processes are performed: risk analysis, preparation of the Basic Information Security Policy (BPBI) project, project implementation, development of a security strategy, assessment of the effectiveness of the implemented strategy, improvement of the security policy.
Journal: Ekonomiczne Problemy Usług
- Issue Year: 131/2018
- Issue No: 2/1
- Page Range: 347-360
- Page Count: 14
- Language: Polish