Information security Management toolkit for ISO/IEC 27001 standard, case of small-to-medium sized enterprises (SMEs)
View/ Open
Date
2020Author
Wanyonyi, Victor, W
Type
ThesisLanguage
enMetadata
Show full item recordAbstract
Information security has become an important aspect in today’s business environment, where all
operations are technology centered. Over the years lots of effort has been put to ensure that
organizations manage information security in a standardized manner. There are several
frameworks and standards such as COBIT, ITIL and ISO/IEC 27001 that have been proposed for
this purpose. In this work the focus was on ISO/IEC 27001 which is an international standard that
provides specification for an Information Security Management System (ISMS). The standard is
designed to assist large and small enterprises to manage their information security processes in
line with international best practice. Small and Medium-sized Enterprises (SMEs) usually find it
difficult to comprehensively implement the prescriptive requirements of the standard. This study
proposes a toolkit approach in helping SMEs implement the requirements of the standard. It
proposes and develops an ISO/IEC 27001 information security toolkit as a prototype for guiding
organizations in implementing information security controls. Apart from toolkit design and
implementation, the study also assesses the toolkit and its usability. Results indicated that majority
of SMEs would embrace the toolkit and that it can be of great importance in guiding them
implement controls of the standard. Furthermore, the study found out that with further
enhancement of the toolkit features, to incorporate all aspects of ISO 27001 standard, the toolkit
can be used for both large enterprises and small enterprises in implementing the standard
requirements.
Publisher
University of Nairobi
Rights
Attribution-NonCommercial-NoDerivs 3.0 United StatesUsage Rights
http://creativecommons.org/licenses/by-nc-nd/3.0/us/Collections
The following license files are associated with this item: