Abstract:
With the increasing use of new information technologies in the activity of HEIs, the need to protect information has emerged. Information security addresses several issues, not just IT. Therefore, in the meantime, it has become mandatory to implement security frameworks that address cyber security as a complex process. Internationally, there are several standardized security frameworks, such as: ISO27001, NIST, COBIT, ITIL, PCI DSS. The purpose of this scientific article was to use grounded-theory method to review scientific journal publications and conference proceedings to identify those security frameworks that are recommended by researchers.