PROJECT OF ISMS IMPLEMENTATION IN ORGANIZATION – ASPECTS AND PRACTICAL EXPERIENCES
PROJECT OF ISMS IMPLEMENTATION IN ORGANIZATION – ASPECTS AND PRACTICAL EXPERIENCES
Author(s): Radoslav RakovićSubject(s): Business Economy / Management, ICT Information and Communications Technologies
Published by: Udruženje za upravljanje projektima - IPMA Srbija
Keywords: Integrated Security Management System; Project Management; Risk Management; Statement of Applicability; General Data Protection Regulation (GDPR)
Summary/Abstract: The Information Security Management System (ISMS) represents one of the most complex management systems for implementation in an organization. The comlexity of this system, based on the standard ISO 27001:2013, is a consequence of specific Annex A of the standard that defines 14 areas of information security, with 35 security objectives and 114 controls. Some of these controls are technical, some organizational and some combined ones. It asks the project of ISMS implementation in the organization to be carefully planned and implemented. In this paper, some project management specific aspects related to implementation of this type of project are considered and some practical experiences of the project of ISMS establishment and further improvement in particular organization are presented.
Journal: European Project Management Journal
- Issue Year: 11/2021
- Issue No: 1
- Page Range: 20-30
- Page Count: 11
- Language: English
