Reaching escape velocity

Jason Bellone (United Nations Office, Geneva, Switzerland)
Segolene de Basquiat (United Nations, New York, New York, USA)
Juan Rodriguez (United Nations, New York, New York, USA)

Information Management & Computer Security

ISSN: 0968-5227

Publication date: 21 March 2008

Abstract

Purpose

This paper aims to demonstrate and offer an open source toolkit with the intent that making technology available to the community may serve to support organizations planning an information security management system implementation.

Design/methodology/approach

A case study is presented which highlights the authors' approach to building capability and subsequently overcoming inertial forces which would otherwise have impeded the organization's compliance initiative.

Findings

The case study proposes a novel approach to managing an ISMS implementation through the use of a custom developed toolkit, which based on the experience of the authors enabled the subject organization to achieve ISO 27001 certification.

Practical implications

The adoption of the approach and tradecraft presented in the paper may enable similar organizations in building capacity to better manage information security programs.

Originality/value

Insomuch as the recently revised ISO 27001 Information Security Code of Practice is well documented, comprehensive, methodological and widely supported, it is evident from the relatively low volume of certifications (a list of current certification registrations may be found at the ISMS International User Group Certificate Register – www.iso27001certificates.com), that many compliance initiatives are challenged in realizing full success. Based on the experiences presented in this paper, the authors believe these challenges must be overcome with appropriate capability building necessary to achieve a successful implementation.

Keywords

Citation

Bellone, J., de Basquiat, S. and Rodriguez, J. (2008), "Reaching escape velocity", Information Management & Computer Security, Vol. 16 No. 1, pp. 49-57. https://doi.org/10.1108/09685220810862742

Download as .RIS

Publisher

:

Emerald Group Publishing Limited

Copyright © 2008, Emerald Group Publishing Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.
To rent this content from Deepdyve, please click the button.