Cover Image

Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]

As the high increase usage of technology, the higher the risks that are associated with it. Therefore, it has become a necessity for organizations to rely on an information security risk management framework as a defense mechanism against these risks. This paper discusses information security risk m...

Full description

Saved in:
Bibliographic Details
Main Authors: Al-Mudaires, Fajer, Al-Samawi, Aida, Aljughaiman, Ahmed, Nissirat, Liyth
Format: Article
Language:English
Published: Faculty of Information Management 2023
Subjects:
Library Science. Information Science
Information services. Information centers
Online Access:https://ir.uitm.edu.my/id/eprint/77315/1/77315.pdf
https://ir.uitm.edu.my/id/eprint/77315/
http://ijikm.uitm.edu.my/
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.uitm.ir.77315
record_format eprints
spelling my.uitm.ir.773152023-05-29T02:06:30Z https://ir.uitm.edu.my/id/eprint/77315/ Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.] jikm Al-Mudaires, Fajer Al-Samawi, Aida Aljughaiman, Ahmed Nissirat, Liyth Library Science. Information Science Information services. Information centers As the high increase usage of technology, the higher the risks that are associated with it. Therefore, it has become a necessity for organizations to rely on an information security risk management framework as a defense mechanism against these risks. This paper discusses information security risk management approaches available with an emphasis on the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27005 method to propose an information security risk management framework that suits a governmental educational institute in Saudi Arabia. This framework will be designed and implemented for a governmental educational institute that lacks adequate information security risk management while being out of compliance with Saudi Arabia’s Essential Cybersecurity Controls (ECC). In this framework, 34 application assets have been analyzed and 37 controls have been recommended in order to meet the minimum requirements of ECC. Faculty of Information Management 2023-04 Article PeerReviewed text en https://ir.uitm.edu.my/id/eprint/77315/1/77315.pdf Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]. (2023) Journal of Information and Knowledge Management (JIKM) <https://ir.uitm.edu.my/view/publication/Journal_of_Information_and_Knowledge_Management_=28JIKM=29.html>, 13 (1). pp. 36-54. ISSN ISSN:2231-8836 ; E-ISSN:2289-5337 http://ijikm.uitm.edu.my/
institution Universiti Teknologi Mara
building Tun Abdul Razak Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Mara
content_source UiTM Institutional Repository
url_provider http://ir.uitm.edu.my/
language English
topic Library Science. Information Science
Information services. Information centers
spellingShingle Library Science. Information Science
Information services. Information centers
Al-Mudaires, Fajer
Al-Samawi, Aida
Aljughaiman, Ahmed
Nissirat, Liyth
Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]
description As the high increase usage of technology, the higher the risks that are associated with it. Therefore, it has become a necessity for organizations to rely on an information security risk management framework as a defense mechanism against these risks. This paper discusses information security risk management approaches available with an emphasis on the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27005 method to propose an information security risk management framework that suits a governmental educational institute in Saudi Arabia. This framework will be designed and implemented for a governmental educational institute that lacks adequate information security risk management while being out of compliance with Saudi Arabia’s Essential Cybersecurity Controls (ECC). In this framework, 34 application assets have been analyzed and 37 controls have been recommended in order to meet the minimum requirements of ECC.
format Article
author Al-Mudaires, Fajer
Al-Samawi, Aida
Aljughaiman, Ahmed
Nissirat, Liyth
author_facet Al-Mudaires, Fajer
Al-Samawi, Aida
Aljughaiman, Ahmed
Nissirat, Liyth
author_sort Al-Mudaires, Fajer
title Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]
title_short Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]
title_full Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]
title_fullStr Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]
title_full_unstemmed Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]
title_sort information security risk management framework for a governmental educational institute / fajer al-mudaires ... [et al.]
publisher Faculty of Information Management
publishDate 2023
url https://ir.uitm.edu.my/id/eprint/77315/1/77315.pdf
https://ir.uitm.edu.my/id/eprint/77315/
http://ijikm.uitm.edu.my/
_version_ 1768011623161659392
score 13.160551

Similar Items