European Project Management Journal (May 2021)

Project of ISMS Implementation in Organization – Aspects and Practical Experiences

  • Radoslav Raković

DOI
https://doi.org/10.18485/epmj.2021.11.1.3
Journal volume & issue
Vol. 11, no. 1
pp. 20 – 30

Abstract

Read online

The Information Security Management System (ISMS) represents one of the most complex management systems for implementation in an organization. The comlexity of this system, based on the standard ISO 27001:2013, is a consequence of specific Annex A of the standard that defines 14 areas of information security, with 35 security objectives and 114 controls. Some of these controls are technical, some organizational and some combined ones. It asks the project of ISMS implementation in the organization to be carefully planned and implemented. In this paper, some project management specific aspects related to implementation of this type of project are considered and some practical experiences of the project of ISMS establishment and further improvement in particular organization are presented.

Keywords