To search, Click below search items.


All Published Papers Search Service


Ontology-based Risk Control for the Incident Management


Tung Ju Chiang, Jen Shiang Kouh, Ray-I Chang


Vol. 9  No. 11  pp. 181-189


Both non-profit and commercial organizations rely heavily on information to process their daily activities. The information security management standards are widely used and advocated by researchers and practitioners to reduce security incidents and lower down risk. One problem of information security management is in compliance with new and never-ending best practices, regulation and legislation. In this work we proposed an ontological mapping of the ISO/IEC 27001 standard, IT security EBK and its control countermeasure in combination with our Security Ontology approach. For the purpose of the reusability, interoperability, aggregation and reasoning of the security knowledge.


Ontology, owl, protege, information security, iso 27001