PRACTICAL APPLICATION OF A SECURITY MANAGEMENT MATURITY MODEL FOR SMES BASED ON PREDEFINED SCHEMAS

Luís Enrique Sánchez; Daniel Villafranca; Eduardo Fernández-Medina; Mario Piattini

doi:10.5220/0001923803910398

PRACTICAL APPLICATION OF A SECURITY MANAGEMENT MATURITY MODEL FOR SMES BASED ON PREDEFINED SCHEMAS

Luís Enrique Sánchez, Daniel Villafranca, Eduardo Fernández-Medina, Mario Piattini

2008

Abstract

For enterprises to be able to use information technologies and communications with guarantees, it is necessary to have an adequate security management system and tools which allow them to manage it. In small and medium-sized enterprises, the application of security standards has an additional problem, which is the fact that they do not have enough resources to carry out an appropriate management. This security management system must have highly reduced costs for its implementation and maintenance in small and medium-sized enterprises (from here on refered to as SMEs) to be feasible. In this paper we show the practical application of our proposal for a maturity model with which to manage the security in SMEs, centring upon the phase which determines the state of the enterprise and some of the mechanisms which allow the security level to be kept up to date without the need for continuous audits. This focus is continuously refined through its application to real cases, the results of which are shown in this paper.

Download

Paper Citation

in Harvard Style

Enrique Sánchez L., Villafranca D., Fernández-Medina E. and Piattini M. (2008). PRACTICAL APPLICATION OF A SECURITY MANAGEMENT MATURITY MODEL FOR SMES BASED ON PREDEFINED SCHEMAS . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008) ISBN 978-989-8111-59-3, pages 391-398. DOI: 10.5220/0001923803910398

in Bibtex Style

@conference{secrypt08,
author={Luís Enrique Sánchez and Daniel Villafranca and Eduardo Fernández-Medina and Mario Piattini},
title={PRACTICAL APPLICATION OF A SECURITY MANAGEMENT MATURITY MODEL FOR SMES BASED ON PREDEFINED SCHEMAS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)},
year={2008},
pages={391-398},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001923803910398},
isbn={978-989-8111-59-3},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)
TI - PRACTICAL APPLICATION OF A SECURITY MANAGEMENT MATURITY MODEL FOR SMES BASED ON PREDEFINED SCHEMAS
SN - 978-989-8111-59-3
AU - Enrique Sánchez L.
AU - Villafranca D.
AU - Fernández-Medina E.
AU - Piattini M.
PY - 2008
SP - 391
EP - 398
DO - 10.5220/0001923803910398