The paper deals with software development for supporting information security management, particularly the modeling of the business environment of the organization implementing Information Security Management System (ISMS). The ISMS, based on the PDCA (Plan-Do-Check-Act) model, was defined in the BS7799-2:2002 standard. The paper focuses on the identification of the ISMS business environment that provides appropriate positioning of the ISMS within the organization. The general model of the ISMS business environment based on the high-level risk analysis was presented. The UML approach allows to implement the ISMS within organizations in a more consistent and efficient way and to create supporting tools improving information security management.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 firstname.lastname@example.org
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 email@example.com