Audit Managerial in PHP

Abstract:

Business leaders shall be responsible for and cope with all managerial branches of knowledge ("disciplines") required in their business and used within its business processes. Disciplines and their business integration in a multifaceted organizational environment are considered here from both practical viewpoints and the theoretical foundation of scientific philosophy. These disciplines are handled in various international management system standards for directing and guiding the development of organizational practices. Information security management is one of the disciplines that has become significant or even crucial in most organizations of business and social communities. The ISO/IEC 27001 standard specifies general requirements for it. In this paper, the authors take a stance on this standard and its applications, reveal problems from the standard user's point of view, and present experience-based solutions that could be applied to the needs of any kind of organization. This paper provides a comprehensive approach, with many different and practically relevant viewpoints, for applying the ISO/IEC 27001 standard creatively and integrating it with other managerial disciplines and the management processes of an organization. This is a new approach that differs from traditional isolated and strictly formalized implementations of information security management systems. The harmonization of the different management system standards is also a new effort in standardization. Challenges of modern business environments are discussed. Information security management is considered from the point of view of an organization's overall business performance, and in this context the practical focus is on evaluations and systemic performance transformations. The crucial role of business leaders is justified, managing situations are analyzed, and new attitudes are proposed.
The research approach of this paper is business pragmatism combined with relevant academic studies, based on the authors' long-term experience as business and standardization practitioners and academic researchers.