MULTICRITERIA ANALYSIS OF THE COMPLIANCE FOR THE IMPROVEMENT OF INFORMATION SECURITY

AUTOR(ES)

Solana-González, Pedro

FONTE

JISTEM J.Inf.Syst. Technol. Manag.

DATA DE PUBLICAÇÃO

02/12/2019

RESUMO

ABSTRACT Information security is a current issue of protection of information assets that considers significant variables of a strategic, organizational and IT governance nature, and that requires to analyze the compliance with international standards that regulate business actions. In this way, the work analyzes institutional compliance to improve information security applying the Analytic Hierarchy Process methodology to the specific practices defined in ISO/IEC 27002:2013. Expert Choice has been used as Decision Support Systems that has generated as a result the ranking of priorities of the criteria and alternatives used in the decisional process. It has been later applied in a medium-sized Brazilian industrial company. The results identify that the main security practice is the one related to the independent critical analysis of information security.

Documentos Relacionados

• Multicriteria Evaluation for Protected Area Definition Aiming at Water Quality Improvement
• Compliance improvement in periodontal maintenance
• A multicriteria model for ranking of improvement approaches in construction companies based on the PROMETHÉE II method
• Security and privacy in the information economy
• A segurança da informação em organizações de Salvador.