A model of sustainable information security management system in higher education institutions
Modern business systems have the expectations and requirements of users and stakeholders for safer and better services that are constantly growing. The increasing use of information technology in business increases the threats and vulnerabilities to which information resources are exposed, which causes an increase in information risks. Many business institutions must constantly monitor their activities to establish an organized and sustainable information security management system and services. The requirements of the international standard ISO/IEC 27001 and the generally accepted COBIT management framework are important for the application of such a system. The paper presents a model of a sustainable information security management system (ISMS) at universities.