{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:00:46Z","timestamp":1754157646793,"version":"3.41.2"},"reference-count":0,"publisher":"Emerald","issue":"1","license":[{"start":{"date-parts":[[2008,3,21]],"date-time":"2008-03-21T00:00:00Z","timestamp":1206057600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008,3,21]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>This paper aims to demonstrate and offer an open source toolkit with the intent that making technology available to the community may serve to support organizations planning an information security management system implementation.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>A case study is presented which highlights the authors' approach to building capability and subsequently overcoming inertial forces which would otherwise have impeded the organization's compliance initiative.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>The case study proposes a novel approach to managing an ISMS implementation through the use of a custom developed toolkit, which based on the experience of the authors enabled the subject organization to achieve ISO 27001 certification.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Practical implications<\/jats:title><jats:p>The adoption of the approach and tradecraft presented in the paper may enable similar organizations in building capacity to better manage information security programs.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>Insomuch as the recently revised ISO 27001 Information Security Code of Practice is well documented, comprehensive, methodological and widely supported, it is evident from the relatively low volume of certifications (a list of current certification registrations may be found at the ISMS International User Group Certificate Register \u2013 <jats:ext-link xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" ext-link-type=\"uri\" xlink:href=\"http:\/\/www.iso27001certificates.com\">www.iso27001certificates.com<\/jats:ext-link>), that many compliance initiatives are challenged in realizing full success. Based on the experiences presented in this paper, the authors believe these challenges must be overcome with appropriate capability building necessary to achieve a successful implementation.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685220810862742","type":"journal-article","created":{"date-parts":[[2008,4,5]],"date-time":"2008-04-05T07:10:22Z","timestamp":1207379422000},"page":"49-57","source":"Crossref","is-referenced-by-count":2,"title":["Reaching escape velocity"],"prefix":"10.1108","volume":"16","author":[{"given":"Jason","family":"Bellone","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Segolene","family":"de Basquiat","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Juan","family":"Rodriguez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685220810862742","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220810862742\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220810862742\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:04Z","timestamp":1753402144000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/16\/1\/49-57\/179034"}},"subtitle":["A practiced approach to information security management system implementation"],"short-title":[],"issued":{"date-parts":[[2008,3,21]]},"references-count":0,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2008,3,21]]}},"alternative-id":["10.1108\/09685220810862742"],"URL":"https:\/\/doi.org\/10.1108\/09685220810862742","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[2008,3,21]]}}}