Implementing ISO/IEC 27001 in Software Development: The Role of Human Resources in Ensuring Information Security

Abstract

This paper examines the implementation of ISO/IEC 27001 in software development, emphasizing the critical role of human resources in ensuring information security. Based on international standards (ISO/IEC 27000 family, NIST CSF, COBIT, ITIL) and national legislation, the study highlights both the benefits and challenges identified through a survey of IT professionals in Moldova. The findings show that while awareness of ISO/IEC 27001 is high, training, flexibility, and organizational culture remain key factors for successful adoption. Recommendations are proposed to strengthen security practices and foster a resilient, innovation-oriented environment. UDC: 006.322:[004.056.5:004.4+005.963.1](478); JEL: M15, M12, O32, L86.