Based management of information system security risk. Alfawaz a thesis submitted in partial ful llment for the degree of doctor of philosophy in the faculty of science and technology february 2011. They all contributed to deepen the understanding of information systems development from the point of view of specific social groups and the community which engaged in exploring this multifaceted field. Not only due to the bill concerning the digitized governance in bavaria bayegovg. Information security management in australian universities an exploratory analysis the work contained in this thesis has not been previously submitted to meet requirements for an award at this or any other higher education institution. What is an information security management system isms. Information and it security proposed topics of masters thesis 2018. The study sought to investigate whether the current recordskeeping practices support or undermine service delivery and the ehealth readiness level. Needs of human resource information system in organizations there are. Mba based project topics on management information systems also explore evolving phenomena and undertake both primary and secondary research. Pdf implementation of an information security management. The target audience is the appointed committee, the supervisor, and interested colleagues. Doc student information management system peter obike. Large enterprises have sophisticated information technology and security.
Management system of the information security means the information security of a part of general and overall information security in an organization that is based on business risks approach. Thesis submitted for the degree of master of information technology research. Information security management system working language. This research will focus on the implementation of mis and provides a case study of the fenix system which is a management information system for. Increased awareness, transparency, cooperation, and risk management are the. What are the impacts of different security mechanisms on consumer trust in online banking transa. This thesis was carried out as a basic research to expand the knowledge of the. Management information systems thesis topics range from business use to enduser rights, with researchers structuring systems that facilitate ease. Decades ago, long before the birth of the digital era, security statement is focused on the safety of human life and any possessions regarded as important to a person.
Chak a thesis submitted to johns hopkins university in conformity with the requirements for. Such systems are in danger of humans disasters and it is very strategic to. Human factors for an effective information security management system. This thesis used the concept of information system that information system is an aggregate of humans, procedures, and resources that gather, process, and transfer information for organization. Master thesis studienrichtung master of applied research sabine. Corporation information security management system and to give guidance for the. Corporation information security management system and to give guidance for the existing model improvement work. Queensland university of technology information security management. Improvement of information security management system in. In addition, this system has been implemented in the royal thai air force rtaf since 2010. This paper suggests that an integrated system theory is useful for understanding information security management, explaining information security management strategies, and predicting management. A study on security level management model for information system.
Information security management system isms the information security management system isms standard provides a framework for information security risk managem ent within organizations. Accommodate and provide information sheet and registration for alumni. The concept of information system can be confused because the term system is able to be defined in many different ways. Iso 27001 is the most adopted international isms information security management system standard, which provides. The securitymanagement domain also introduces some critical documents, such as policies, procedures, and guidelines. Analysing human factors in information security management.
The goal is to have a dashboard depicting information about the residual energy of the. The focus of an isms is to ensure business continuity by minimizing all security risks to information assets and. The concept of risk management is the applied in all aspects of business, including planning and project risk management, health. Developing an information security management system. The motivation for this research stems from the continuing concern of ine ective information security in organisations, leading to potentially. A case study of an information security culture by salahuddin m. The primary role of an acm solution is to protect the confidentiality of a resource by restricting access to the resource. The literature and studies cited in this chapter tackle the different concept, understanding, and ideas, generalization or conclusions and different development related to study of the enrollment from the past up to the present and which serves as the researchers guide in developing the project.
In accordance with two international standards, isoiec. Good cybersecurity thesis topics for a masters degree. A study on security level management model for information. Information security management of healthcare system khalid. A specification of layerbased information security management. School management information systems have changed school management in the areas of leadership, decision making, workload, human resource management. Thesis in information systems phd thesis in information systems is a growing field falls under the domain of cyber security. What are new research topics for masters thesis in. List of information systems management dissertation topics. These documents are of great importance because they spell out how the organization manages its security practices and details what is. Factors in information security reza alavi a thesis submitted for the degree of doctor of philosophy the university of east london school of architecture, computing and engineering ace. Security management addresses the identification of the organizations information assets. Improvement of information security management system in media.
This thesis recognizes that information security is not only a technical issue but a governance. Scit42 annex 2, page 2 executive summary as the new millennium begins, wipo and its member states must be prepared to communicate and transact business functions in a rapidly evolving environment that will be driven in. The role of human resource information system in the process of manpower activities barron, chhabra, hanscome and henson 20 perceived hris to emphasize mainly the retention of capable. The focus of an isms is to ensure business continuity by minimizing all security risks to information assets and limiting security breach impacts to a bare minimum. Of the above standards for it security governance, iso 27001 offers the specification. Records management and electronic records management. Isms information security management system according to isoiec 27001.
School management information systems have changed school management in the areas of leadership. Brandt 3 preface this thesis proposal is an outline of my ph. Information technology strategic implementation plan. Implementation of information security management systems. Management decision with respect to upcoming downsizing should be reported to officers to prevent any operations interruption. The primary contribution of this thesis is the development of a rigorous, practice oriented, and empirically tested framework of information security management practices ismp. The main objective of online alumni information system is to keep track and enhance the records of the alumni of the school. This thesis argues that in order to establish a sound information security culture it is necessary to look at organisations information security systems in a sociotechnical context.
This system includes all of the policies, procedures, plans, processes, practices, roles, responsibilities, resources, and structures that are used to protect and preserve. Pdf it seems different organizations regarding the grade of importance of the existing informations role in them need a strong management in. Jun, 2014 the main objective of online alumni information system is to keep track and enhance the records of the alumni of the school. Here are two concrete topics for two masters theses. An automated tool for information security management system erkan, ahmet m. Developing an information security management system year 2014 pages 36 the purpose of this thesis was to study development of an information security management system and study the resources and components, which combined create a functional information security management system. Management system ed ms, the term electronic document records management system edrms will be used. It possesses a library of thesis in information systems topics which are related to some of the prominent information fields such as information security, biometrics, surveillance, and also cyber security. International journal of secure software engineering ijsse, 4, 5074. During the last twenty years, the impact of security concerns on the development and exploitation of information systems never ceased to grow. First and foremost, i would like to thank erik poll for helping me write this thesis. The study proposes a security management system sms to be used for network security management, monitoring and reporting purposes.
Iso 27001 is a technologyneutral, vendor neutral information security management standard, but it is not a guide. Implementation plan for an isms according to isoiec 27001. The role of human resource information system in the. In the beginning of this thesis, the business areas of media x corporation and their.
Get insight into choosing the best infosec topic for your. Iso how to measure the effectiveness of information security. Implementation of an information security management system isms for the document management services dms. Cybersecurity thesis topics must not only be timely and relevant, but they should also offer an original contribution to a growing field. The purpose of this system is to identify and minimize risks when handling information within the. This thesis is submitted to the school of computing at blekinge institute of technology in partial fulfillment of. This model is challenged by domain experts in standardisation, risk.
Managing cybersecurity as a business risk for small and medium enterprises by stephanie k. Security risk management approaches and methodology. Refinement can be used to develop security protocols that are correct by construction. Ali arifoglu september 2006, 94 pages this thesis focuses on automation of processes of information security management system. Strategic management of business exercises pdf machine is a pdf writer that produces quality pdf files with ease. Maryanne ndungu and sushila kandel information security. Such developments starts with the abstract specification of the protocols essential security properties, pass through abstract versions of the protocol without communication channels or using abstract channels with security properties, and end with a full. An access control management system has the potential for impacting all three tenets of information security confidentiality, integrity and availability. The role of human resource information system in the process. In an isms information system management system structure top management consists. This thesis focuses on automation of processes of information security.
It explains how to develop and operate measurement processes, and how to assess and report the results of a set of information security. The aim of this thesis is to explore current management of information security in terms of electronic health records ehr and how these are protected from possible security threats and risks in healthcare, when the sensitive information has to be communicated among. Create database system to keep all the files of the alumni. Management information system implementation challenges.
Saf has implemented an aviation best of breed solutions information system called the fenix system. Design, deploy, and use an accurate energymonitoring system for bodysensor networks. The research improves current understanding of information security issues and reinforces the pertinence of information security management as a strategically important business function for australian universities. Iso standards of information security management system. Introduction of school management information systems to schools have caused significant changes in roles and working styles of managers telem, 1999. Some important terms used in computer security are. To do this, a comprehensive approach to increasing general it security levels and infrastructural resilience is needed, with the main actors being the public and business sectors. Information security management of healthcare system. However, a usual problem is how the workers face something new and something innovative. Information security management practices in organisations. Therefore ifds senior management, to protect the confidentiality, integrity and availability of our information, have approved an information security management system isms built on the iso 27001 standard. In this thesis, we investigate the potential relationship between national cultural, political and economic characteristics regarding the adoption of iso 27001, in terms of the average number of certi cates issued 20062014. Security risk management methods are methodological tools, helping organisations to take rational decisions, regarding the security of their is. An information security management system isms is a set of frameworks that contain policies and procedures for tackling security risks in an organization.
Student projects information security group eth zurich. Security risk management security risk management process of identifying vulnerabilities in an organizations info. A security proposal is a document containing a detailed information regarding security protocols or measures that are necessary to address threats and any kind of danger. This study focuses on records management in support of service delivery in the public health sector of limpopo province, south africa. Iso 27001 describes an information security management system isms that makes sure information. Modelbased management of information system security risk. To what extent are information security management practices institutionalised in organisations. Computer interaction hci, political science, management studies, information system design, sociology and even environmental studies. How to analyse the performance of tcp over ethernet lans. It is sometimes referred to as cyber security or it security, though these terms generally do not refer to physical security locks and such. This thesis argues that in order to establish a sound information security. The main objective of this project is to define the implementation plan for an isms information security management system according to isoiec 27001. Alfawaz a thesis submitted in partial ful llment for the.
240 1496 527 1195 38 1254 1212 586 657 8 928 45 1551 434 902 1293 953 1543 273 465 129 199 737 277 605 949 494 235 700 1202