Open AccessSuggestion of applicability of ISO for the improvement of data security in companies
Author(s) -
Moroni Da Silva Cortez,
Patrícia da Silva Pantoja,
Bruno Gonçalves,
Rilmar Pereira Gomes,
João Antônio de Queiroz Oliveira,
Victor Da,
Sílvia Almeida,
David Barbosa de Alencar,
Moroni Da,
Sylvia Cortez,
Bruno Pereira Gonçalves,
João Gomes,
Jess Mark,
Luísa Oliveira,
David Barbosa
Publication year - 2020
Publication title -
international journal of developmental research
Language(s) - English
Resource type - Journals
ISSN - 2230-9926
DOI - 10.37118/ijdr.19225.06.2020
Subject(s) - information security management system , reliability (semiconductor) , information security , relation (database) , work (physics) , standard of good practice , business , computer science , process management , knowledge management , computer security , engineering , security service , database , security information and event management , cloud computing security , cloud computing , mechanical engineering , power (physics) , physics , quantum mechanics , network security policy , operating system
Suggestion of applicability of ISO to improve the security of company information. Elaborated through a bibliographic research to understand the concepts applied in the present work, adopting a quantitative research through a questionnaire. Research directed to professionals and university students of information technology, and to a random audience. A documentary research was also carried out to collect data in informal *institutions*. The following technical standards were adopted: NBR-ISO-27001, NBR-ISO-27002, NBR-ISO-27008, NBR-ISO-27036, with distinct characteristics and with the intention of being useful in suggesting the applicability of ISO in company procedures. It was possible to evaluate the reliability of the companies in relation to the security of their employee data. With the suggestion of applying the ISO to companies, it is possible to obtain a greater security, as well as a greater availability, with more efficient data exchange. The information security policy is established through rules, standards, and procedures, which must be used internally and externally, providing more reliability. Company employees will begin to carry out processes more efficiently within the organizations. Therefore, the suggestion of using the ISO for information security in companies becomes significantly important because it is one more contribution so that they can have rules to protect both their data and those of their employees.