The Evaluation of Information Security Management System in the Iraqi Commission for Computers and Informatics according to the International Standard (ISO 27001: 2013)
DOI:
https://doi.org/10.33095/jeas.v21i86.764Keywords:
امن المعلومات- نظام ادارة امن المعلومات – الهيئة العراقية للحواسيب والمعلوماتية- مقياس ليكرت –NIST -ISO 27001, Information Security- Information Security Management System- Iraqi Commission for Computers and Informatics - Likert Scale - ISO 27001- NIST.Abstract
The current research included (the evaluation of Information Security Management System on according to international standard (ISO / IEC 27001: 2013) in Iraqi Commission for Computers and Informatics), for the development of an administrative system for information security is considered a priority in the present day, and in the light of the organizations dependence on computers and information technology in work and communication with others. The international legitimacy (represented by the International Organization for standardization (ISO)) remains the basis for matching and commitment and the importance of the application of information Security Management System according to the international standard (ISO / IEC 27001: 2013) is manifested in protecting the assets of the organizations especially information and databases systematically and continuously.
The aim of the research was evaluating between the Information Security Management System that currently exists in the Iraqi Commission for Computers and Informatics (site of conducting the research) and the Information Security Management System according to the International Standard (ISO / IEC 27001: 2013) by using examining checklists in order to diagnose nonconformity gaps with the international standard.
The research has come to an important conclusion, i.e. (the administrative system for information security followed by the Iraqi Commission for Computers and Informatics, despite its dependence on modern technology and the efficient staff , it lacks good documentation and application of many of the requirements International Standard (ISO / IEC 27001: 2013) came with needs to rebuild an organizational structure and functions consistent with the supporting International Standard (ISO / IEC 27003: 2010).
The research concluded with the most important recommendation (forming a work team that adopts preparing the prerequisites of Appling the standard (ISO / IEC 27001: 2013) works at meeting its requirements and the requirements of other management systems (quality management system and so on), and associated with the top management to facilitate the support with resources and powers.
Downloads
Published
Issue
Section
License
Articles submitted to the journal should not have been published before in their current or substantially similar form, or be under consideration for publication with another journal. Please see JEAS originality guidelines for details. Use this in conjunction with the points below about references, before submission i.e. always attribute clearly using either indented text or quote marks as well as making use of the preferred Harvard style of formatting. Authors submitting articles for publication warrant that the work is not an infringement of any existing copyright and will indemnify the publisher against any breach of such warranty. For ease of dissemination and to ensure proper policing of use, papers and contributions become the legal copyright of the publisher unless otherwise agreed.
The editor may make use of Turnitin software for checking the originality of submissions received.
How to Cite
How to use the OJS system 
