Research on Security Management Plan for Enterprise Information Systems

2013 ◽  
Vol 380-384 ◽  
pp. 2560-2563
Author(s):  
Ru Xin Gou ◽  
Ting Jie Lu
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Network Science ◽  
Security Management ◽  
Management Plan ◽  
Enterprise Management ◽  
Enterprise Information ◽  
Information Security Management ◽  
Enterprise Information Systems ◽  
Risk Assesment

With the development of computer and network science, enterprises have built lots of information systems for enterprise management, the security management of the information systems if becoming more and more important for most of the enterprises.In this study of information security management plan,enterprises can implement a set of controls based on the controls checklists obtained from risk assesment to achieve information security.

scholarly journals INFORMATION SECURITY MANAGEMENT STRATEGY ANALYSIS USING SYSTEM DYNAMICS MODELING

JOURNAL ASRO ◽  
2018 ◽  
Vol 9 (2) ◽  
pp. 107
Author(s):  
Arie Marbandi ◽  
Ahmadi Ahmadi ◽  
Adi Bandono ◽  
Okol S Suharyo
Keyword(s):  
Information Systems ◽  
Information Security ◽  
System Dynamics ◽  
Security Management ◽  
Security Risk ◽  
Dynamics Modeling ◽  
Strategy Analysis ◽  
Information Security Management ◽  
Security Costs ◽  
Alternative Choice

Handling information security management is an absolute thing to do for organizations that have information systems to support the organization's operations. Information systems consisting of assets both software and hardware that manage data and information that are spread over networks and the internet, make it vulnerable to threats. Therefore investment and costs are needed to secure it. Costs incurred for this need are not small, but investment expenditures and information security costs carried out need serious handling to be more effective and on target. The System Dynamics Model is used to evaluate alternative strategies to demonstrate the effectiveness of investment and the cost of managing information security through simulation of policy changes. System Dynamics are methods for describing models and systems analysis that are dynamic and complex, consisting of variables that influence each other in the form of causal relationships and feedback between variables that are either reinforcing or giving balance. Simulation using a dynamic system model in this study illustrates that the management of risk assessment followed by vulnerability reduction efforts has a very large impact on the management of information security. By making a difference in the value of security tools investment, this provides an alternative choice in information security risk management investments to achieve the effectiveness of the overall costs incurred in managing information security

scholarly journals Organizational Information Security Management for Sustainable Information Systems: An Unethical Employee Information Security Behavior Perspective

2020 ◽  
Vol 12 (8) ◽  
pp. 3163
Author(s):  
Amanda M. Y. Chu ◽  
Mike K. P. So
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Security Management ◽  
Information Security Management ◽  
Information Security Behavior ◽  
Security Behavior ◽  
Different Types ◽  
Employee Information ◽  
Willingness To Report ◽  
Security Incidents

This article examines the occurrences of four types of unethical employee information security behavior—misbehavior in networks/applications, dangerous Web use, omissive security behavior, and poor access control—and their relationships with employees’ information security management efforts to maintain sustainable information systems in the workplace. In terms of theoretical contributions, this article identifies and develops reliable and valid instruments to measure different types of unethical employee information security behavior. In addition, it investigates factors affecting different types of such behavior and how such behavior can be used to predict employees’ willingness to report information security incidents. In terms of managerial contributions, the article suggests that information security awareness programs and perceived punishment have differential effects on the four types of unethical behavior and that certain types of unethical information security behavior exert negative effects on employees’ willingness to report information security incidents. The findings will help managers to derive better security rules and policies, which are important for business continuity.

Research on Enterprise Information Security of the ERP System

2013 ◽  
Vol 380-384 ◽  
pp. 2539-2543
Author(s):  
Cheng Wang
Keyword(s):  
Information Security ◽  
Management System ◽  
Security Management ◽  
Enterprise Information ◽  
Information Security Management ◽  
Erp System ◽  
Manufacturing Enterprises ◽  
Information Security Management System ◽  
Article Analysis ◽  
Countermeasures And Suggestions

With the wide application of ERP system in manufacturing enterprises in China, Issues of enterprise information security are becoming increasingly influential. On the basis of elaborating information security and information risk, this article analysis systematically the enterprise information security management system, and explore the key information security problems in ERP environment, and proposed the corresponding countermeasures and suggestions.

A framework for technology-based factors for knowledge management in supply chain of auto industry

VINE ◽  
2014 ◽  
Vol 44 (3) ◽  
pp. 375-393 ◽  
Author(s):  
Mohsen Shafiei Nikabadi
Keyword(s):  
Knowledge Management ◽  
Supply Chain ◽  
Information Systems ◽  
Information Security ◽  
Systems Integration ◽  
Security Management ◽  
Information Security Management ◽  
Content Type ◽  
Information Systems Integration ◽  
Comprehensive Framework

Purpose – The main aim of this study is to provide a framework for technology-based factors for knowledge management in supply chain. Design/methodology/approach – This is an applied research and has been done as a survey in Iran Khodro and Saipa Company as the largest companies in automotive industry of Iran. In this study, 206 experts participated. Reliability methods were Cronbach’s alfa, and validity tests were content and construction analyses. In response to one main question and three sub-questions in this research, first and second confirmative factor analysis were used. Findings – In this research, after a literature review, a comprehensive framework with three factors is presented. These factors are information technology (IT) tools, information systems integration and information security management. The findings indicate that the first framework in supply chain of the automotive industry has a good fitness and perfect validity. Second, in this framework, factors have also been considered based on importance. The technique of factor analysis was given the highest importance to the information systems integration. Then, IT tools and, ultimately, information security management are considered. In addition, findings indicate that information systems integration has the highest correlation with IT tools. Originality/value – The main innovation aspect of the research is to present a comprehensive framework for technology-based factors and indices for knowledge management in supply chain. In this paper, in addition to presenting a grouping for IT tools for knowledge management processes in supply chain, key indices for information systems integration and information security management are also referred.

Sign in / Sign up

Export Citation Format

Share Document