Maturity Level of Information Systems Security and Control: A Survey of Companies in Thailand

The aim of the study is to design remediation information systems security governance at Bank. This study provided proposed solutions to solve the existing gaps between the current condition and the expected information systems of the bank's security governance. A case study of a commercial bank is used in this study. There are 7 process frameworks of COBIT 4.1 used to measure the maturity level of information systems security governance. Of these processes, appropriate controls within the framework of COBIT 4.1 and ISO27001 are undertaken. As a result, the security of governance information systems is increasing. In conclusion, there is a need of reliable information systems security governance to achieve the intended business goals.

Download Full-text

Conceptualizing the Domain and an Empirical Analysis of Operations Security Management

10.4018/978-1-6684-3698-1.ch025 ◽

2022 ◽

pp. 533-560

Author(s):

Winfred Yaokumah

Keyword(s):

Information Systems ◽

Empirical Analysis ◽

Security Management ◽

Information Systems Security ◽

Computing Environment ◽

Maturity Level ◽

Security Controls ◽

Systems Security ◽

Level 3 ◽

State Of Practice

Operations security management integrates the activities of all the information systems security controls. It ensures that the entire computing environment is adequately secured. This chapter conducts an in-depth review of scholarly and practitioner works to conceptualize the domain of operations security management. Drawing upon the existing information systems security literature, the chapter classifies operations security management into 10 domains. Following, the chapter performs an empirical analysis to investigate the state-of-practice of operations security management in organizations. The findings show that the maturity level of operations security management is at the Level 3 (well-defined). The maturity levels range from Level 0 (not performed) to Level 5 (continuously improving). The results indicate that operations security processes are documented, approved, and implemented organization-wide. Backup and malware management are the most applied operations security controls, while logging, auditing, monitoring, and reviewing are the least implemented controls.

Download Full-text

Conceptualizing the Domain and an Empirical Analysis of Operations Security Management

Advances in Human and Social Aspects of Technology - Handbook of Research on Technology Integration in the Global World ◽

10.4018/978-1-5225-6367-9.ch015 ◽

2019 ◽

pp. 304-330

Author(s):

Winfred Yaokumah

Keyword(s):

Information Systems ◽

Empirical Analysis ◽

Security Management ◽

Information Systems Security ◽

Computing Environment ◽

Maturity Level ◽

Security Controls ◽

Systems Security ◽

Level 3 ◽

State Of Practice

Operations security management integrates the activities of all the information systems security controls. It ensures that the entire computing environment is adequately secured. This chapter conducts an in-depth review of scholarly and practitioner works to conceptualize the domain of operations security management. Drawing upon the existing information systems security literature, the chapter classifies operations security management into 10 domains. Following, the chapter performs an empirical analysis to investigate the state-of-practice of operations security management in organizations. The findings show that the maturity level of operations security management is at the Level 3 (well-defined). The maturity levels range from Level 0 (not performed) to Level 5 (continuously improving). The results indicate that operations security processes are documented, approved, and implemented organization-wide. Backup and malware management are the most applied operations security controls, while logging, auditing, monitoring, and reviewing are the least implemented controls.

Download Full-text

The effectiveness of web advertising, its legal regulation and the problem of information systems security

Век информации (сетевое издание) ◽

10.33941/age-info.com43(12)1 ◽

2020 ◽

Vol 4 (3(12)) ◽

pp. 1-15

Author(s):

Samira Ilgarovna Proshkina ◽

Keyword(s):

Information Systems ◽

Computational Models ◽

Evolutionary Dynamics ◽

Legal Regulation ◽

Information Systems Security ◽

Systematic Analysis ◽

Web Advertising ◽

Systems Security ◽

Business Structures ◽

Display Location

The work is devoted to an urgent problem — the study of the evolutionary dynamics of web advertising, its assessment and effectiveness, as well as the problem of legal support and security of information systems. The goal is a systematic analysis of web advertising in an unsafe information field, its relevance and criteria for assessing marketing efforts, minimizing risks, maximizing additional profits and image. Research hypothesis — the effectiveness of web advertising is determined by the form of advertising, place of display, location of the block, model of calculation of the advertising campaign. An approach based on the establishment of preferences, partnership between the state and business structures is emphasized. It takes into account the COVID-19 pandemic, a slowdown in the pace and features of the evolution of business companies in self-isolation. The subtasks of influence on the advertising efficiency of the site’s features and web advertising are highlighted. A comprehensive analysis of information and logical security and computational models of web advertising companies was also carried out.

Download Full-text