Conceptualization of knowledge about information security management system
Abstract
The use of the ISO/IEC 27000 and ISO Guide 73 standards as glossaries of terms regarding the information security management system is considered. The establishment of correlations between terms on the basis of the ontological approach is shown. Attention is drawn to the applicability of this approach to the presentation of organizational guidelines and deadlines for risk. Against this background, knowledge about the ontology of the information security management system is conceptualized, taking into account the systematic approach. This system is presented as a complete entity with stable structural and functional links between its elements.
References
International Organization for Standardization. (2018, Feb. 7). ISO/IEC 27000, Information technology. Security techniques. Information security management systems. Overview and vocabulary. Geneva. [Online]. Available: https://www.iso.org/ru/standard/73906.html.
International Organization for Standardization. (2016, Jan. 21). ISO Guide 73, Risk management, Vocabulary. Geneva. [Online]. Available: https://www.iso.org/standard/44651.html.
I. Meriah, and L. B. Arfa Rabai, “Comparative Study of Ontologies Based ISO 27000 Series Security Standards”, Procedia Computer Science, vol. 160, pp. 85–92, 2019, doi: 10.1016/j.procs.2019.09.447.
P. Sirisom, J. Payakpate, and W. Wongthai, “A System Design for the Measurement and Evaluation of the Communications Security Domain in ISO 27001:2013 Using an Ontology”, in Information Science and Applications, vol. 424, K. Kim, and N. Joukov, Eds. Singapore: Springer, 2017, pp. 257–265, doi: 10.1007/978-981-10-4154-930.
M. Uschold, and M. Gruninger, “Ontologies principles methods and applications”, Knowl. Eng. Rev., vol. 11, no. 2, pp. 93–155, 1996.
T. A. Gavrilova, and V. F. Khoroshevskii, Intelligent systems knowledge base, Kharkiv: Piter, 2000.