Högskolan i Skövde

his.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A simplified ISMS: Investigating how an ISMS for a smaller organization can be implemented
University of Skövde, School of Informatics.
2021 (English)Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Over the past year, cyber threats have been growing tremendously, which has led to an essential need to strengthen the organization's security. One way of strengthening security is to implement an information security management system (ISMS). Although an ISMS will help improve the information security work within the business, organizations struggle with its implementation, and significantly smaller organizations. That results in smaller organization's information being potentially less protected.This thesis investigates how an ISMS based on MSB can be simplified to make it suitable for a small organization to implement. This thesis aims to open for further research about how it can be simplified and if it has a value of doing it.The study is based on a qualitative approach where semi-structured interviews with experts were conducted. This thesis concludes that it is possible to simplify an ISMS based on MSB for a small organization by removing external analysis, information classification, information classification model, continuity management for information assets, and incident management. In addition, the study provides tips on what a small organization should think about before and during implementation.

Place, publisher, year, edition, pages
2021. , p. 31
Keywords [en]
Information security management system, ISMS, Information security, ISO/IEC 27001, Simplify, ISO/IEC 27000, MSB, Method support for systematic information security work.
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:his:diva-20238OAI: oai:DiVA.org:his-20238DiVA, id: diva2:1580053
Subject / course
Informationsteknologi
Educational program
Privacy, Information and Cyber Security - Master's Programme 60 ECTS
Supervisors
Examiners
Available from: 2021-07-13 Created: 2021-07-13 Last updated: 2021-07-13Bibliographically approved

Open Access in DiVA

fulltext(583 kB)1168 downloads
File information
File name FULLTEXT01.pdfFile size 583 kBChecksum SHA-512
1c6f094257f530d3e865b54246671405c241199bbab3f20832086873c1f262dbbf8567dcca1d3a77f67b89ebc3e138f6805f2372c6f46cbb03d2295e5358d201
Type fulltextMimetype application/pdf

By organisation
School of Informatics
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 1169 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 1030 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf