Development of the Information Security Management System Standard for Public Sector Organisations in Estonia

CC Attribution - NonCommercial - ShareAlike 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this

Identifiers

10.5446/53700 (DOI)

Publisher

Technische Informationsbibliothek (TIB)

1080328793 (GND)

04aj4c181 (ROR)

Release Date

2021

Language

English

Content Metadata

Subject Area

Information Science

Genre

Conference/Talk

Abstract

Standardisation gives us a common understanding or processes to do something in a commonly accepted way. In information security management, it means to achieve the appropriate security level in the context of known and unknown risks. Each government’s goal should be to provide digital services to its citizens with the acceptable level of confidentiality, integrity and availability. This study elicits the EU countries’ requirements for information security management system (ISMS) standards and provides the standards’ comparison requirements. The Estonian case is an example to illustrate the method when choosing or developing the appropriate ISMS standard to public sector organisations.

Keywords

Information Security Management System

ISMS

Public Sector, Requirements of Security Standards

Estonia