Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 33122
Information System Security Effectiveness Attributes: A Tanzanian Company Case Study
Authors: Nerey H. Mvungi, Mosses Makoko
Abstract:
In today-s highly globalised and competitive world access to information plays key role in having an upper hand between business rivals. Hence, proper protection of such crucial resource is core to any modern business. Implementing a successful information security system is basically centered around three pillars; technical solution involving both software and hardware, information security controls to translate the policies and procedure in the system and the people to implement. This paper shows that a lot needs to be done for countries adapting information technology to process, store and distribute information to secure adequately such core resource.Keywords: security, information systems, controls, technology, practices.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1055633
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2618References:
[1] C. Alberts, and A. Dorofee, "Managing Information Security Risks: The OCTAVE Approach", 1st Edition, USA, Addison Wesley, 2002.
[2] A. Andress, "Surviving Security: How to Integrate People, Process, and Technology", 2nd Edition, New York, USA, Auerbach Publishers Inc., 2004.
[3] F. Gallegos, "Educating the Masses: Audit, Control and Security of Information Systems Today and Tomorrow" Information Systems Control Journal, 2004 Vol.6, pp13-15.
[4] Kurtz, R.L. and Vines D.V., "The CISSP Prep Guide - Mastering the Ten Domains of Computer Security", 1st Edition, USA, John Wiley & Sons Inc, 2001.
[5] Ward, J. and Peppard, J., "Strategic Planning for Information Systems", 3rd Edition, West Sussex England, John Wiley & Sons Inc, 2002.
[6] Doughty, K., "Implementing Enterprise Security: A Case Study (Part 1)", Information Systems Control Journal, 2003 Vol.2, pp34-39.
[7] Doughty, K., "Implementing Enterprise Security: A Case Study (Part 2)" Information Systems Control Journal, 2003 Vol.3, pp60-63.
[8] Federal Financial Institutions Examination Council (FFIEC), "IT Examination Handbook: Information Security", USA, FFIEC Publishers, 2006.
[9] Ross, S. J., "Information Security and the Resilient Enterprise", Information Systems Control Journal, 2005 Vol.2, pp8-9.
[10] O-Bryan, S. K., "Critical Elements of Information Security Program Success" Information Systems Control Journal, 2006 Vol.3.
[11] W. Stallings, "Cryptography and Network Security Principles and Practices", 4th Edition, USA, Prentice Hall, 2005.
[12] H.F. Tipton and M. Krause, "Information Security Management Handbook", 5th Edition, New York, USA, Auerbach Publishers Inc., 2003.