Standardiserad informationssäkerhet inom systemutveckling : En pragmatisk metod för uppehållande av en hög standard med ramverket ISO 27000

Sammanfattning: In today’s online world it is important to protect your organization’s valuable information and assets. Information can be stolen or destroyed in many different ways, and it needs to be dealt with not only on a technical level, but also on a management level. However, the current methods are not very intuitive and require a lot of familiarity with information security management. This report explores how planning of information security within an organization can instead be accomplished in a simple and pragmatic manner, without discouraging the user with too much information and making it too complicated. This is done by examining the requirements and controls from the ISO 27000 framework, and with those in regard creating a method that’s more useful, intuitive, and easy to follow.