A Generic Framework for Information Security Policy Development
| Autor: | Setyawan Widyarto, Raja Ahmad Tariqi Raja Ahmad, Khatipah Abd Ghani, Wan Hassan Basri bin Wan Ismail |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
Higher education
business.industry Computer science Process (engineering) 05 social sciences 050301 education Pharmaceutical Science 02 engineering and technology Information security Security policy Maintenance engineering Risk analysis (engineering) Complementary and alternative medicine Content analysis Order (exchange) 020204 information systems 0202 electrical engineering electronic engineering information engineering Pharmacology (medical) business 0503 education Risk management |
| Zdroj: | Proceeding of the Electrical Engineering Computer Science and Informatics. 4 |
| ISSN: | 2407-439X |
| DOI: | 10.11591/eecsi.v4.975 |
| Popis: | Information security policies are not easy to create unless organizations explicitly recognize the various steps required in the development process of an information security policy, especially in institutions of higher education that use enormous amounts of IT. An improper development process or a copied security policy content from another organization might also fail to execute an effective job. The execution could be aimed at addressing an issue such as the non-compliance to applicable rules and regulations even if the replicated policy is properly developed, referenced, cited in laws or regulations and interpreted correctly. A generic framework was proposed to improve and establish the development process of security policies in institutions of higher education. The content analysis and cross-case analysis methods were used in this study in order to gain a thorough understanding of the information security policy development process in institutions of higher education. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|