Full-text resources of CEJSH and other databases are now available in the new Library of Science.
Visit https://bibliotekanauki.pl

PL EN

Journal

Information Systems in Management

2016 | 5 | 3 | 389-400

Article title

DECISION SUPPORT SYSTEM FOR INFORMATION SYSTEMS SECURITY AUDIT (WABSI) AS A COMPONENT OF IT INFRASTRUCTURE MANAGEMENT

Authors

Rudowski Michał , Tarnowska Katarzyna

Content

Full texts:
ISIM_Vol_5(3)_389-400

Title variants

Languages of publication

EN

Abstracts

EN
The paper presents the concepts and implementation of application for monitoring, analysis and reporting of enterprise information systems security. The purposes of the application are: comprehensive support for IT security administrator and auditors in checking information security and systems security levels, checking security policy implementation and compliance with security standards required by certificates and other regulations. The paper presents the requirements for the system, its architecture and implementation of particular components, evaluation of application and tests executed with regard to security standards. According to the authors, it is the IT management system which many organizations and solution providers lack. It results in that the effectiveness of the management of information security in these organizations may be less than expected.

Keywords

EN

Publisher

Katedra Informatyki Szkoła Główna Gospodarstwa Wiejskiego w Warszawie

Journal

Information Systems in Management

Year

2016

Volume

5

Issue

3

Pages

389-400

Physical description

Dates

published
2016

Contributors

author
Rudowski Michał
  • Institute of Computer Science, Warsaw University of Technology
author
Tarnowska Katarzyna
  • Institute of Computer Science, Warsaw University of Technology

References

  • ISO/IEC 27003:2010, https://www.iso.org/obp/ui/#iso:std:iso-iec:27003:ed-1:v1:en.
  • Liderman K., 2003, Podręcznik administratora systemu teleinformatycznego, Mikom.
  • Liderman K., 2008, Analiza ryzyka i ochrona informacji w systemach komputerowych, Mikom.
  • McKendrick J., 2012, Closing the Security Gap 2012, IOUG Enterprise Data Security Survey, Unisphere Research.
  • Molski M., Łacheta M., 2007 Przewodnik administratora systemów informatycznych, Helion.
  • Mikołajczuk P., Talarowski P., 2009, Realizacja polityki bezpieczeństwa przedsiębiorstwa – projektowanie i wdrażanie Systemu Bezpieczeństwa Informacji, master thesis, Instytut Informatyki Politechniki Warszawskiej.
  • Norma PN-ISO/IEC 27001:2014, Polski Komitet Normalizacyjny, Warszawa.
  • Norma PN-EN ISO 19011:2012, Polski Komitet Normalizacyjny, Warszawa.
  • Tarnowska K., 2013, Audyt bezpieczeństwa systemów informatycznych, bachelor thesis, Instytut Informatyki Politechniki Warszawskiej, https://repo.pw.edu.pl/docstore/download.seam?fileId=WUT307632.
  • Wright P., 2011, Oracle Forensics: Oracle Security Best Practices, Rampant Techpress.

Document Type

Publication order reference

Identifiers

ISSN
2084-5537

YADDA identifier

bwmeta1.element.desklight-cfcb7dcc-789d-49c7-8288-dca03e6918ac
JavaScript is turned off in your web browser. Turn it on to take full advantage of this site, then refresh the page.