Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.]
As the high increase usage of technology, the higher the risks that are associated with it. Therefore, it has become a necessity for organizations to rely on an information security risk management framework as a defense mechanism against these risks. This paper discusses information security risk m...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Book |
| Published: |
Faculty of Information Management,
2023-04.
|
| Subjects: | |
| Online Access: | Link Metadata |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
MARC
| LEADER | 00000 am a22000003u 4500 | ||
|---|---|---|---|
| 001 | repouitm_77315 | ||
| 042 | |a dc | ||
| 100 | 1 | 0 | |a Al-Mudaires, Fajer |e author |
| 700 | 1 | 0 | |a Al-Samawi, Aida |e author |
| 700 | 1 | 0 | |a Aljughaiman, Ahmed |e author |
| 700 | 1 | 0 | |a Nissirat, Liyth |e author |
| 245 | 0 | 0 | |a Information security risk management framework for a governmental educational institute / Fajer Al-Mudaires ... [et al.] |
| 260 | |b Faculty of Information Management, |c 2023-04. | ||
| 500 | |a https://ir.uitm.edu.my/id/eprint/77315/1/77315.pdf | ||
| 520 | |a As the high increase usage of technology, the higher the risks that are associated with it. Therefore, it has become a necessity for organizations to rely on an information security risk management framework as a defense mechanism against these risks. This paper discusses information security risk management approaches available with an emphasis on the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27005 method to propose an information security risk management framework that suits a governmental educational institute in Saudi Arabia. This framework will be designed and implemented for a governmental educational institute that lacks adequate information security risk management while being out of compliance with Saudi Arabia's Essential Cybersecurity Controls (ECC). In this framework, 34 application assets have been analyzed and 37 controls have been recommended in order to meet the minimum requirements of ECC. | ||
| 546 | |a en | ||
| 690 | |a Library Science. Information Science | ||
| 690 | |a Information services. Information centers | ||
| 655 | 7 | |a Article |2 local | |
| 655 | 7 | |a PeerReviewed |2 local | |
| 787 | 0 | |n https://ir.uitm.edu.my/id/eprint/77315/ | |
| 787 | 0 | |n http://ijikm.uitm.edu.my/ | |
| 856 | 4 | 1 | |u https://ir.uitm.edu.my/id/eprint/77315/ |z Link Metadata |