Security controls and security standards: correlations and synergies
Security control libraries and security standards: correlations and synergies (original Greek title)
Master Thesis
Author
Βενιζέλος, Χρήστος
Venizelos, Christos
Date
2022-08-13
Keywords
ISO/IEC 27001 ; Information Security Management System ; ISO/IEC 27002:2013 ; ISO/IEC 27002:2022 ; NIS 1 Directive ; NIS 2 Directive ; General Data Protection Regulation
Abstract
The digital transformation of organisations continuously increases their exposure to malicious threats, vulnerabilities and attacks. Given this, organisations are required to establish, implement and enforce multiple controls drawn from different regulations and frameworks such as ISO/IEC 27001, the NIS Directive and the GDPR. This thesis therefore aims to explain, analyse and correlate these regulations and frameworks. Chapter 1 defines what an Information Security Management System (ISMS) is, why it is considered important, and what its benefits are; it also provides an analysis of the updated and revised controls of ISO/IEC 27002. Chapter 2 defines and analyses the NIS Directive 2016/1148 (NIS Directive) and its updated version, the NIS 2 Directive. Chapter 3 addresses the General Data Protection Regulation (GDPR) and maps its Articles to appropriate domains. Finally, Chapter 4 carries out a mapping between the controls of ISO/IEC 27002:2013, ISO/IEC 27002:2022, the NIS Directive and the GDPR.