Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced

Detalhes bibliográficos
Autor(a) principal: Amarante, André Gramata Ribau
Data de Publicação: 2022
Tipo de documento: Dissertação
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10773/36656
Resumo: ISO/IEC 27001 is an information security standard increasingly present in the current global market. Lately, there has been a rise in the concern of companies with information security, whether it is fueled by the current pandemic, by the increase in attacks to all types of organizations or even by the legislation requirements of various countries. This thesis aims for the planning, execution and evaluation of an ISO/IEC 27001 implementation project at PICadvanced, an organization inserted in the Small and Medium-sized enterprises (SME) category, and founded at ’Incubadora da Universidade de Aveiro’ in 2014, operating in the telecommunications market. The possibility of integration of the NIST cybersecurity framework with the 27001 project will also be studied and implemented. Lastly, since PICadvanced has an ongoing ISO 9001 implementation project (relative to quality management) which may be integrated with the information security system, the 27001 project will include measures in that direction.
id RCAP_5091a76ee94e99d30fd81b27a7c00192
oai_identifier_str oai:ria.ua.pt:10773/36656
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvancedISO/IEC 27001Information securityISMSNISTCSFSMEISO/IEC 27001 is an information security standard increasingly present in the current global market. Lately, there has been a rise in the concern of companies with information security, whether it is fueled by the current pandemic, by the increase in attacks to all types of organizations or even by the legislation requirements of various countries. This thesis aims for the planning, execution and evaluation of an ISO/IEC 27001 implementation project at PICadvanced, an organization inserted in the Small and Medium-sized enterprises (SME) category, and founded at ’Incubadora da Universidade de Aveiro’ in 2014, operating in the telecommunications market. The possibility of integration of the NIST cybersecurity framework with the 27001 project will also be studied and implemented. Lastly, since PICadvanced has an ongoing ISO 9001 implementation project (relative to quality management) which may be integrated with the information security system, the 27001 project will include measures in that direction.A ISO/IEC 27001 é uma norma de segurança de informação cada vez mais presente no mercado global dos dias de hoje. Nos últimos tempos, temos assistido ao crescimento da preocupação das empresas com a segurança da informação, seja pela situação pandémica vivida, pela crescente onda de ataques informáticos a todo o tipo de organizações ou mesmo pelas exigências normativas dos diferentes países. Esta dissertação visa o planeamento, execução e avaliação de um projeto de implementação da norma ISO/IEC 27001 na empresa PICadvanced, uma empresa atualmente pretencente ao grupo das Pequenas e Média Empresas (PME), e fundada na Incubadora da Universidade de Aveiro em 2014, operando no mercado das telecomunicações. A possibilidade de integração da framework de cibersegurança do NIST com o projeto da 27001 será também estudada e implementada. Por fim, como decorre atualmente na PICadvanced a implementação da ISO 9001 (referente à gestão de qualidade) e cuja implementação pode ser integrada com o sistema de segurança de informação, o projeto da 27001 irá incluir medidas nesse sentido.2024-12-28T00:00:00Z2022-12-16T00:00:00Z2022-12-16info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttp://hdl.handle.net/10773/36656engAmarante, André Gramata Ribauinfo:eu-repo/semantics/embargoedAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-02-22T12:10:39Zoai:ria.ua.pt:10773/36656Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T03:07:22.758430Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced
title Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced
spellingShingle Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced
Amarante, André Gramata Ribau
ISO/IEC 27001
Information security
ISMS
NIST
CSF
SME
title_short Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced
title_full Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced
title_fullStr Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced
title_full_unstemmed Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced
title_sort Integrated implementation of ISO/IEC 27001 and the NIST cybersecurity framework at PICadvanced
author Amarante, André Gramata Ribau
author_facet Amarante, André Gramata Ribau
author_role author
dc.contributor.author.fl_str_mv Amarante, André Gramata Ribau
dc.subject.por.fl_str_mv ISO/IEC 27001
Information security
ISMS
NIST
CSF
SME
topic ISO/IEC 27001
Information security
ISMS
NIST
CSF
SME
description ISO/IEC 27001 is an information security standard increasingly present in the current global market. Lately, there has been a rise in the concern of companies with information security, whether it is fueled by the current pandemic, by the increase in attacks to all types of organizations or even by the legislation requirements of various countries. This thesis aims for the planning, execution and evaluation of an ISO/IEC 27001 implementation project at PICadvanced, an organization inserted in the Small and Medium-sized enterprises (SME) category, and founded at ’Incubadora da Universidade de Aveiro’ in 2014, operating in the telecommunications market. The possibility of integration of the NIST cybersecurity framework with the 27001 project will also be studied and implemented. Lastly, since PICadvanced has an ongoing ISO 9001 implementation project (relative to quality management) which may be integrated with the information security system, the 27001 project will include measures in that direction.
publishDate 2022
dc.date.none.fl_str_mv 2022-12-16T00:00:00Z
2022-12-16
2024-12-28T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10773/36656
url http://hdl.handle.net/10773/36656
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/embargoedAccess
eu_rights_str_mv embargoedAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799137729220444160

Registros relacionados