چکیده:
The purpose of this study was to investigate and analyze the assumptions and requirements
for the implementation of Information Security Management System (ISMS). To check
assumptions security for security management system implementation, we studied the
population of patients hospitals in Tabriz. Because information security is considered in
most hospitals and only 8 hospitals in Tabriz cooperate, as the population of the study.
Review the requirements and assumptions are based on the standard ISO / IEC 27001, ISO /
IEC 27002 test target setting and ISO 27001 standard questionnaire containing 33 questions
in 11 control sample. To analyze the data, descriptive and inferential statistical methods
were used for implementation of information security management system. to identify
factors affecting the implementation of information security management system and factor
analysis, structural equation model of PLS smart software was used and according to its
findings indirectly relates to impact the four dimensions of implementation effectiveness of
the system were achieved. The study findings were presented.
خلاصه ماشینی:
Using the software, smart-PLS software and using structural equation modeling confirmatory factor analysis, we measured the results of test of convergent validity, divergent validity, reliability Security and reliability of observable variables and quality test and measurement model of 101 comments of experts, all about the prerequisites and requirements, including information security policy, the organization of information security, asset management, human resources in terms of security, physical and environmental security, communications and operations management, access control, use, development and maintenance, incident management information security, business continuity management and compliance with laws in secure level at %99 forecasted in hospitals in Tabriz are effective information security management system.
com Original Article: Received 20 Jan. 2015 Accepted 8 Feb. 2016 Published 26 Feb. 2016 ABSTRACT The purpose of this study was to investigate and analyze the assumptions and requirements for the implementation of Information Security Management System (ISMS).
For this purpose the requirements of information security management system based on the COBIT model, which includes organizing projection criteria, providing implementation, support and supervision are analyzed Survey placed.
In specific questions we examine the prerequisites and requirements for the implementation of Information Security Management System standard including 33 items.
2. Comparative study of organizations, including hospitals that have attempted to establish information security management system and review results prior to the implementation of the deployment and provide suggestions to improve performance 3.
2. Comparative study of organizations, including hospitals that have attempted to establish information security management system and review results prior to the implementation of the deployment and provide suggestions to improve performance 3.