Information security compliance assessment using information security maturity model
Information security is an essential factor for business today and is achieved by adopting the suitable set of practices, standards, process, policies and organizational structures. In order to recognize the strength and weaknesses of information security, organizations can implement information sec...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2014
|
Subjects: | |
Online Access: | http://eprints.utm.my/id/eprint/53429/25/HassanHosseinZadehMFC2014.pdf http://eprints.utm.my/id/eprint/53429/ http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:86405 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.utm.53429 |
---|---|
record_format |
eprints |
spelling |
my.utm.534292020-07-14T03:28:05Z http://eprints.utm.my/id/eprint/53429/ Information security compliance assessment using information security maturity model Zadeh, HassanHossein QA75 Electronic computers. Computer science Information security is an essential factor for business today and is achieved by adopting the suitable set of practices, standards, process, policies and organizational structures. In order to recognize the strength and weaknesses of information security, organizations can implement information security model. Information Security Maturity Model (ISMM) as a security oriented model has been developed in order to determine the level of information security in organization. It has provided five (5) compliance levels of security which contain: none compliance, initial compliance, basic compliance, acceptable compliance and full compliance. The goal of this research is to assessing of the information security compliance in departments of UTM based on this model. So five (5) departments consist of three (3) offices (RMC, SPS, and CTL) and two (2) faculties (FKE, FKM) were chosen. Fully in-structured interview were performed with five (5) IT experts in case study. Analyzing data were done and information security compliance levels for these departments were determined. Based on results, basic compliance level was belonged to RMC and CTL, Wile acceptable compliance level to SPS, FKE and FKM. Besides, none of them were in Full compliance level. According to the results, suggestions in order to enhance compliance level of security were provided. Finally, for the improvement of ISMM model, some other future works were offered by this research. 2014-08 Thesis NonPeerReviewed application/pdf en http://eprints.utm.my/id/eprint/53429/25/HassanHosseinZadehMFC2014.pdf Zadeh, HassanHossein (2014) Information security compliance assessment using information security maturity model. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computing. http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:86405 |
institution |
Universiti Teknologi Malaysia |
building |
UTM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Teknologi Malaysia |
content_source |
UTM Institutional Repository |
url_provider |
http://eprints.utm.my/ |
language |
English |
topic |
QA75 Electronic computers. Computer science |
spellingShingle |
QA75 Electronic computers. Computer science Zadeh, HassanHossein Information security compliance assessment using information security maturity model |
description |
Information security is an essential factor for business today and is achieved by adopting the suitable set of practices, standards, process, policies and organizational structures. In order to recognize the strength and weaknesses of information security, organizations can implement information security model. Information Security Maturity Model (ISMM) as a security oriented model has been developed in order to determine the level of information security in organization. It has provided five (5) compliance levels of security which contain: none compliance, initial compliance, basic compliance, acceptable compliance and full compliance. The goal of this research is to assessing of the information security compliance in departments of UTM based on this model. So five (5) departments consist of three (3) offices (RMC, SPS, and CTL) and two (2) faculties (FKE, FKM) were chosen. Fully in-structured interview were performed with five (5) IT experts in case study. Analyzing data were done and information security compliance levels for these departments were determined. Based on results, basic compliance level was belonged to RMC and CTL, Wile acceptable compliance level to SPS, FKE and FKM. Besides, none of them were in Full compliance level. According to the results, suggestions in order to enhance compliance level of security were provided. Finally, for the improvement of ISMM model, some other future works were offered by this research. |
format |
Thesis |
author |
Zadeh, HassanHossein |
author_facet |
Zadeh, HassanHossein |
author_sort |
Zadeh, HassanHossein |
title |
Information security compliance assessment using information security maturity model |
title_short |
Information security compliance assessment using information security maturity model |
title_full |
Information security compliance assessment using information security maturity model |
title_fullStr |
Information security compliance assessment using information security maturity model |
title_full_unstemmed |
Information security compliance assessment using information security maturity model |
title_sort |
information security compliance assessment using information security maturity model |
publishDate |
2014 |
url |
http://eprints.utm.my/id/eprint/53429/25/HassanHosseinZadehMFC2014.pdf http://eprints.utm.my/id/eprint/53429/ http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:86405 |
_version_ |
1674066164073889792 |
score |
13.15806 |