Human Resources Security Management towards ISO/IEC 27001:2005 accreditation of an Information Security Management System

Author(s): Constantin Militaru, Daniel Costin
Subject(s): Business Economy / Management, Security and defense, Human Resources in Economy, ICT Information and Communications Technologies
Published by: EDITURA ASE
Keywords: ISO/IEC 27001; ISMS; Screening; Security Control; Security Policy;

Summary/Abstract: Currently, ISO/IEC 27001:2005 is the formal specification standard for an Information Security Management System (ISMS), against which organizations may seek certification. This International Standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's ISMS. The “Human Resources Security” main clause deals with all three phases of employment: prior, during, and post-employment. There are critical information security controls and safeguards within each of these three elements. This clause helps management evaluate and deploy important controls within these three dimensions of the employment life cycle. People will always be an organization’s greatest asset and its greatest risk.

  • Issue Year: 10/2009
  • Issue No: S1
  • Page Range: 263-268
  • Page Count: 6
  • Language: English