
Significance of ISO/IEC 27001 in the Implementation of Governance, Risk and Compliance

Sanskriti Choubey¹, Astitwa Bhargava²

¹ Master of Science in Cyber Law and Information Security, National Law Institute University, Bhopal, India.
² Rajeev Gandhi National Cyber Law Centre, National Law Institute University, Bhopal, India.

Section: Review Paper, Product Type: Journal
Vol.6, Issue.2, pp.30-33, Apr-2018


CrossRef-DOI: https://doi.org/10.26438/ijsrnsc/v6i2.3033


Online published on Apr 30, 2018


Copyright © Sanskriti Choubey, Astitwa Bhargava. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


Citation:
IEEE Style Citation: Sanskriti Choubey, Astitwa Bhargava, “Significance of ISO/IEC 27001 in the Implementation of Governance, Risk and Compliance”, International Journal of Scientific Research in Network Security and Communication, Vol.6, Issue.2, pp.30-33, 2018.

MLA Style Citation: Sanskriti Choubey, Astitwa Bhargava. "Significance of ISO/IEC 27001 in the Implementation of Governance, Risk and Compliance." International Journal of Scientific Research in Network Security and Communication 6.2 (2018): 30-33.

APA Style Citation: Sanskriti Choubey, Astitwa Bhargava (2018). Significance of ISO/IEC 27001 in the Implementation of Governance, Risk and Compliance. International Journal of Scientific Research in Network Security and Communication, 6(2), 30-33.


Abstract:
In organisations, ‘Governance’, ‘Risk’ and ‘Compliance’ (GRC) are among the basic and strongest pillars that work together to assure that organizations meet their objectives through effective utilization of the available people, processes and technology. Sustaining an Information Security GRC program is a challenging task for most enterprises, given evolving governance needs, a changing risk environment and multiple compliance requirements. ISO 27001:2013 encompasses all the goals of GRC under its Information Security Management System (ISMS) framework, through which an effective GRC framework can be established and maintained. In this research paper, the researchers have established the relationship between ISO 27001:2013 and GRC while discussing the standard along with GRC objectives.

Key-Words / Index Terms:
ISO/IEC 27001:2013, GRC, ISMS, Risk Management, IT Governance

