TY  - JOUR
AB  - Purpose– This paper aims to demonstrate and offer an open source toolkit with the intent that making technology available to the community may serve to support organizations planning an information security management system implementation.Design/methodology/approach– A case study is presented which highlights the authors' approach to building capability and subsequently overcoming inertial forces which would otherwise have impeded the organization's compliance initiative.Findings– The case study proposes a novel approach to managing an ISMS implementation through the use of a custom developed toolkit, which based on the experience of the authors enabled the subject organization to achieve ISO 27001 certification.Practical implications– The adoption of the approach and tradecraft presented in the paper may enable similar organizations in building capacity to better manage information security programs.Originality/value– Insomuch as the recently revised ISO 27001 Information Security Code of Practice is well documented, comprehensive, methodological and widely supported, it is evident from the relatively low volume of certifications (a list of current certification registrations may be found at the ISMS International User Group Certificate Register – www.iso27001certificates.com), that many compliance initiatives are challenged in realizing full success. Based on the experiences presented in this paper, the authors believe these challenges must be overcome with appropriate capability building necessary to achieve a successful implementation.
VL  - 16
IS  - 1
SN  - 0968-5227
DO  - 10.1108/09685220810862742
UR  - https://doi.org/10.1108/09685220810862742
AU  - Bellone Jason
AU  - de Basquiat Segolene
AU  - Rodriguez Juan
PY  - 2008
Y1  - 2008/01/01
TI  - Reaching escape velocity: A practiced approach to information security management system implementation
T2  - Information Management & Computer Security
PB  - Emerald Group Publishing Limited
SP  - 49
EP  - 57
Y2  - 2024/04/24
ER  -