This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Faculty of Technology, University of Banja Luka , Banja Luka , Bosnia and Herzegovina
Faculty of Technology, University of Banja Luka , Banja Luka , Bosnia and Herzegovina
Faculty of Mechanical Engineering, University of Banja Luka , Banja Luka , Bosnia and Herzegovina
University Computer Center, University of Banja Luka , Banja Luka , Bosnia and Herzegovina
It is known that the three basic elements of information security are protection against confidentiality, integrity and availability of information. The ISO/IEC 27001 standard helps companies protect information in any form. The new version of the ISO/IEC 27001:2022 standard follows new trends in IT and introduces new security controls. Information security is not the same in 2022 as it was in 2013, as many companies have embraced remote work and are using virtual applications. The standards of the ISO/IEC 27000 series represent answers to the increasing challenges of implementing information security measures in the company. The paper researched, analyzed and proposed the conceptual framework of information security in the function of corporate management of information resources, services and business values. The goal is to show that there is a strong connection between information security and company operations. The recommendations and guidelines of the COBIT 2019 management framework were used for information technology management. An important feature of the development and application of the COBIT framework is its flexibility and alignment with many relevant standards.
international standard 27000 series, COBIT, corporate management of information technologies
The statements, opinions and data contained in the journal are solely those of the individual authors and contributors and not of the publisher and the editor(s). We stay neutral with regard to jurisdictional claims in published maps and institutional affiliations.
