Integrated Model of Knowledge Management for Security of Information Technologies: Standards ISO/IEC 15408 and ISO/IEC 18045
Publication Type:Journal Article
Source:Information & Security: An International Journal, Volume 43, Issue 3, p.305-317 (2019)
Keywords:Information Security, information technologies, IT security, knowledge management, security standards
The paper presents analysis of existing knowledge management models and justification for introducing an integrated model of knowledge management for both industry and academia. It is proposed to build such a model using well-known standards of IT security – common criteria and methodology for IT security evaluation. The model of knowledge management is elaborated by analysing the content of the relevant elements of standards and establishing the knowledge content that determines the forms of relations between them. The authors propose the application of an architecture of four-factor models towards the formation of knowledge management models in the organization of the information security management system in accordance with the standards of the series ISO/ IEC 27000.