scholarly journals The least secure places in the universe? A systematic literature review on information security management in higher education

2019 ◽  
Vol 86 ◽  
pp. 350-357 ◽  
Author(s):  
Ivano Bongiovanni
Keyword(s):  
Higher Education ◽  
Information Security ◽  
Literature Review ◽  
Systematic Literature Review ◽  
Security Management ◽  
Information Security Management ◽  
The Universe

The Adoption of Information Security Management Standards

2009 ◽  
pp. 119-140 ◽  
Author(s):  
Yves Barlette ◽  
Vladislav V. Fomin
Keyword(s):  
Information Security ◽  
Literature Review ◽  
Success Factors ◽  
Security Management ◽  
Information Security Management ◽  
Diffusion Of Information ◽  
Management Standards ◽  
Business Market ◽  
Security Standards ◽  
Iec 27001

This chapter introduces major information security management methods and standards, and particularly ISO/IEC 27001 and 27002 standards. A literature review was conducted in order to understand the reasons for the low level of adoption of information security standards by companies, and to identify the drivers and the success factors in implementation of these standards. Based on the findings of the literature review, we provide recommendations on how to successfully implement and stimulate diffusion of information security standards in the dynamic business market environment, where companies vary in their size and organizational culture. The chapter concludes with an identification of future trends and areas for further research.

scholarly journals Maturity Framework Analysis ISO 27001: 2013 on Indonesian Higher Education

2020 ◽  
Vol 9 (2) ◽  
pp. 429
Author(s):  
IGN Mantra ◽  
Aedah Abd. Rahman ◽  
Hoga Saragih
Keyword(s):  
Higher Education ◽  
Information System ◽  
Information Security ◽  
Security Management ◽  
System Security ◽  
Maturity Level ◽  
Information Security Management ◽  
Security Practices ◽  
Level 3 ◽  
Iso 27001

Information Security Management System (ISMS) implementation in Institution is an effort to minimize information security risks and threats such as information leakage, application damage, data loss and declining IT network performance. The several incidents related to information security have occurred in the implementation of the Academic System application in Indonesian higher education. This research was conducted to determine the maturity level of information security practices in Academic Information Systems at universities in Indonesia. The number of universities used as research samples were 35 institutions. Compliance with the application of ISO 27001:2013 standard is used as a reference to determine the maturity level of information system security practices. Meanwhile, to measure and calculate the level of maturity using the SSE-CMM model. In this research, the Information System Security Index obtained from the analysis results can be used as a tool to measure the maturity of information security that has been applied. There are six key areas examined in this study, namely the role and importance of ICT, information security governance, information security risk management, information security management framework, information asset management, and information security technology. The results showed the level of information security maturity at 35 universities was at level 2 Managed Process and level 3 Established Process. The composition is that 40% of universities are at level 3, and 60% are out of level 3. The value of the gap between the value of the current maturity level and the expected level of maturity is varied for each clause (domain). The smallest gap (1 level) is in clause A5: Information Security Policy, clause A9: Access Control, and clause A11: Physical and environmental security. The biggest gap (4 levels) is in clause A14: System acquisition, development and maintenance and clause A18: compliance.   

The Adoption of Information Security Management Standards

2010 ◽  
pp. 69-90 ◽  
Author(s):  
Yves Barlette ◽  
Vladislav V. Fomin
Keyword(s):  
Information Security ◽  
Literature Review ◽  
Success Factors ◽  
Security Management ◽  
Information Security Management ◽  
Diffusion Of Information ◽  
Management Standards ◽  
Business Market ◽  
Security Standards ◽  
Iec 27001

This chapter introduces major information security management methods and standards, and particularly ISO/IEC 27001 and 27002 standards. A literature review was conducted in order to understand the reasons for the low level of adoption of information security standards by companies, and to identify the drivers and the success factors in implementation of these standards. Based on the findings of the literature review, we provide recommendations on how to successfully implement and stimulate diffusion of information security standards in the dynamic business market environment, where companies vary in their size and organizational culture. The chapter concludes with an identification of future trends and areas for further research.

Sign in / Sign up

Export Citation Format

Share Document