<![CDATA[In the increasingly complex and dynamic digital era, cybersecurity risk management has become a critical aspect affecting the operations and sustainability of organizations. This study examines the practice of cybersecurity risk management from the perspective of organizations that have obtained ISO 27001 certification, an international standard that sets the criteria for information security management systems (ISMS). The focus of this research is ISO 27001, one of the world's leading information security standards. This study explores the meaning of ISO 27001, risk management, and the process of implementing this certification within organizations through a literature review. Findings indicate that the implementation of ISO 27001 has a significant impact on the organization's awareness of information security management. The implementation process of ISO 27001 includes a series of steps and approaches designed to help organizations effectively manage cybersecurity risks. This study highlights the importance of implementing ISO 27001 into cybersecurity risk management practices to enhance information security and prevent cyberthreats. The study also evaluates the level of organizational awareness of the ISO 27001 standard and its impact on the implementation of cybersecurity risk management practices. Our findings show that organizations with ISO 27001 certification have a higher awareness of the importance of cybersecurity risk management, thereby supporting the implementation of more effective risk management practices. Thisstudy aims to provide insights and practical guidance for organizations in applying and utilizing cybersecurity risk management according to the ISO 27001 standard. Therefore, this research contributes to the enhancement of awareness and the implementation of better information security standards in thecurrent digital era.]]>
Copyrights © 2024
