Security, Standard, Compliance
The ISO 27001 adoption grows worldwide motivated primarily by the need for compliance and as a way of improving the management of assets and risks of organizations. Many are the challenges to establish and maintain a Information Security Management System (ISMS) effective and adds value. However, the Brazilian organizations studies about these challenges are scarce. This article identifies and analyzes some of the challenges faced in establishing and maintaining an ISMS on the national scene using the multiple case study method. Obstacles such as lack of management support, lack of training of information security area, influence of local culture, failures in risk analysis and resistance to change were systematically identified.
Fazenda, Rodrigo Valle and Fagundes, Leonardo Lemes, "Analysis of the challenges faced in establishing and maintaining an information security management system on the Brazilian scene" (2015). Proceedings of the XI Brazilian Symposium on Information Systems (SBSI 2015). 60.