Information security management systems in Marshal Offices in Poland

• Autorzy: Lisiak-Felicka D. , Szmit M.
• Języki publikacji: EN

Abstrakty

EN

The article presents results of a survey concerning Information Security Management Systems (ISMS), which was conducted in Marshal Offices between December 2012 and April 2013. Survey questionnaires were sent to all sixteen Marshal Offices in Poland. The aim of the research was identifying in which government offices information security management systems are implemented, according to which standards are developed and certified and gathering information about factors facilitate the implementation of the ISMS, problems encountered in the implementation of this system and documentation concerning information security.

Słowa kluczowe

EN

information security; management systems; information security policy

PL

bezpieczeństwo informacji; system zarządzania; polityka bezpieczeństwa informacji

• Wydawca: Wydawnictwo Szkoły Głównej Gospodarstwa Wiejskiego w Warszawie
• Czasopismo: Information Systems in Management
• Rocznik: 2014
• Tom: Vol. 3, No. 2
• Strony: 134--144
• Opis fizyczny: Bibliogr. 19 poz., rys., tab., wykr.

Twórcy

autor

Lisiak-Felicka D.

• Department of Computer Science in Economics,Faculty of Economics and Sociology, University of Łódź

autor

Szmit M.

• Corporate IT Security Agency, Orange Labs Poland

Bibliografia

• [1] Calder A.: Nine Steps to Success: an ISO 27001 Implementation Overview, IT Governance Publishing, UK, 2005, pp. 107-112.
• [2] Gillies A.: Improving the quality of information security management systems with ISO27000, TQM Journal, Volume 23, Issue 4, 2011, pp. 367-376.
• [3] Humphreys E., Implementing the ISO/IEC 27001 Information Security Management System Standard, Artech House, Norwood 2007, pp. 11-44.
• [4] Ilvonen I.: Information security culture or information safety culture - What do words convey?, 10th European Conference on Information Warfare and Security 2011, ECIW 2011, Tallinn 2011, pp. 148-154.
• [5] International Standard ISO/IEC 27000:2009 Information technology — Security techniques — Information security management systems — Overview and vocabulary. First edition, ISO 2009.
• [6] ISO Guide 73 Risk management — Vocabulary. First edition, ISO 2009.
• [7] Jašek R.: The information security of enterprises and citizens' security context, Komunikacie Volume 7, Issue 3, University of Zilina, Žilina 2005, pp. 45-48.
• [8] Kister Ł.: Significance of information security in a company, (w:) Riešenie krízových situácií v špecifickom prostredí, University of Zilina, Žilina 2009, pp. 329-334.
• [9] Korzeniowski L. F.: Securitology - The concept of safety, Komunikacie, Volume 7, Issue 3, University of Zilina, Žilina 2005, pp. 20-23.
• [10] Korzeniowski L. F.: Informačná bezpečnosť podnikania. Žilina: Multiprint, 2010
• [11] Korzeniowski L. F.: Podstawy nauk o bezpieczeństwie, Warszawa: Difin, 2012.
• [12] Lisiak-Felicka D., Szmit M.: “Tango Down” – Some Comments to the Security of Cyberspace of Republic of Poland, [in:] Biały W. Kaźmierczak J. (ed.), Systems supporting production engineering, pp. 133-145, PKJS, Gliwice 2012, ISBN: 978-83- 62652-34-1.
• [13] Monarcha-Matlak A.: Obowiązki administracji w komunikacji elektronicznej, Wolters Kluwer Polska, 2008, pp. 239-268.
• [14] Regulation of April 29, 2004, by the Minister of Internal Affairs and Administration as regards personal data processing documentation and technical and organizational conditions which should be fulfilled by devices and computer systems used for personal data processing (Journal of Laws of 2004 No. 100 item 1024).
• [15] Robinson N.: IT excellence starts with governance, Journal of Investment Compliance, Volume 6 Issue 3, 2005, pp. 45-49.
• [16] Stoll M., Breu R.: Information security measurement roles and responsibilities, 6th International Joint Conference on Computer, Information and Systems Sciences and Engineering, Lecture Notes in Electrical Engineering, Volume 151, 2013, pp. 11-23.
• [17] Suchorzewska A.: Ochrona prawna systemów informatycznych wobec zagrożenia cyberterroryzmem, Wolters Kluwer Polska, 2010, pp. 279-285.
• [18] Ustawa z dnia 5 czerwca 1998 r. o samorządzie województwa (Dz. U. z 2001 r., Nr 142, poz. 1590 z późn. zm.).
• [19] Ustawa z dnia 29 sierpnia 1997 r. o ochronie danych osobowych (Dz. U. z 1997 r., Nr 133, poz. 883, z późn. zm.).