NCI WEBSITE
NORMA eResearch @NCI Library

Enhancing Information Security Management System using ISO controls-based framework

Tools

Shetty, Abhishek Dinesh (2023) Enhancing Information Security Management System using ISO controls-based framework. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (850kB) | Preview
[thumbnail of Configuration manual]
Preview
 PDF (Configuration manual)
Download (456kB) | Preview

Abstract

This research paper presents a comprehensive framework for achieving ISO 27001:2022 compliance and enhancing information security practices. The analysis begins with an exploration of the ISO 27001:2022 standard and its vital role in modern cybersecurity. It details a dynamic web-based framework, developed using React JS, that catalogues and explains all 93 controls specified by the standard. The framework aids organizations in conducting gap analyses and evaluating adherence to controls.

The research emphasizes the synergy of automated analysis through the framework and human assessment of internal policies. By manually assessing confidential documents, organizations gain a nuanced perspective on their security measures. The paper advocates for a holistic approach to addressing gaps, incorporating industry best practices. By bridging these gaps and implementing missing controls, organizations bolster their information security posture and proactively mitigate cyber threats. In essence, this research guides organizations in navigating complex information security landscapes while safeguarding critical assets.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Sahni, Vikas
UNSPECIFIED
Uncontrolled Keywords: Information security; Gap analysis; ISO 27001:2022; Controls implementation; web framework
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Z Bibliography. Library Science. Information Resources > ZA Information resources > ZA4150 Computer Network Resources > The Internet > World Wide Web
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunications > The Internet > World Wide Web
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 10 Jan 2025 15:33
Last Modified: 10 Jan 2025 15:33
URI: https://norma.ncirl.ie/id/eprint/7300

Actions (login required)

View Item View Item