JUCS - Journal of Universal Computer Science 15(15): 3038-3058, doi: 10.3217/jucs-015-15-3038
Managing Security and its Maturity in Small and Medium-sized Enterprises
expand article infoLuis Enrique Sánchez, Antonio Santos-Olmo Parra§, David G. Rosado, Mario Piattini|
‡ SICAMAN NT., Ciudad Real, Spain§ SICAMAN NT, Ciudad Real, Spain| University of Castilla-La Mancha (UCLM), Ciudad Real, Spain
Open Access
Abstract
Due to the growing dependence of information society on Information and Communication Technologies, the need to protect information is getting more and more important for enterprises. In this context, Information Security Management Systems (ISMSs), have arisen for supporting the processes and systems for effectively managing information security. The fact of having these systems available has become more and more vital for the evolution of Small and Medium-Sized Enterprises (SMEs), but however, this type of enterprises have special characteristics which make it difficult for them the correct deployment of ISMSs. In this article, we show the methodology that we have created for the development, implementation and maintenance of ISMSs, adapted for the needs and resources available for SMEs. This approach is being directly applied to real case studies and thus, we are obtaining a constant improvement in its application.
Keywords
ISMS, SME, security system