On the Assessment of Compliance with the Requirements of Regulatory Documents to Ensure Information Security

  • Conference paper
Trends and Innovations in Information Systems and Technologies (WorldCIST 2020)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 1160)


Abstract

Examples of different types of assessment are all around us, assuring us that the goods we use won’t harm us, that system components will work correctly, that services are being delivered consistently, that manufacturers are effectively managing the impact of their activities on health, safety, and the environment, etc. One of the essential forms of assessment is a compliance assessment, designed to check whether the requirements of regulatory documents for ensuring information security (IS) are fulfilled by the assessment object, for example, a product, process, system, or service. This short paper discusses work-in-progress results from research aimed at determining possible ways to improve, unify, and further formalize the objective assessment of compliance with the mandatory requirements of regulatory documents on ensuring IS for the selected assessment objects, based on the development of recommendations for applying a risk-based approach.

Acknowledgment

This work was supported by the MEPhI Academic Excellence Project (agreement with the Ministry of Education and Science of the Russian Federation of August 27, 2013, project no. 02.a03.21.0005).

Author information

Corresponding author

Correspondence to Natalia Miloslavskaya.

Copyright information

© 2020 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Miloslavskaya, N., Tolstaya, S. (2020). On the Assessment of Compliance with the Requirements of Regulatory Documents to Ensure Information Security. In: Rocha, Á., Adeli, H., Reis, L., Costanzo, S., Orovic, I., Moreira, F. (eds) Trends and Innovations in Information Systems and Technologies. WorldCIST 2020. Advances in Intelligent Systems and Computing, vol 1160. Springer, Cham. https://doi.org/10.1007/978-3-030-45691-7_74
