A model to assess the Information Security status of an organization with special reference to the Policy Dimension.
- Grobler, Cornelia Petronella
- Authors: Grobler, Cornelia Petronella
- Date: 2008-05-29T08:31:57Z
- Subjects: computer security , data protection , ISO 17799
- Type: Thesis
- Identifier: uj:2430 , http://hdl.handle.net/10210/488
- Description: Information Security is becoming a high-priority issue in most organizations. Management is responsible for the implementation of security in the organization. Information Security is a multi-dimensional discipline. A well-defined Information Security Management strategy will enable managers to manage security effectively and efficiently in the organization. Management must be able to assess the current security status of the organization. Currently, no comprehensive, integrated assessment tool or model exists to assess the total security posture of an organization. The study will address the problem by proposing a high-level integrated assessment model for Information Security. The study is divided into 4 parts. Part 1: Introduction to Information Security Management consists of three chapters. Chapter 1 provides the user with an introduction and background to the study. In chapter 2, the study discusses Information Security as a multi-dimensional discipline. The dimensions identified are the Corporate Governance (Strategic and Operational), Policy, People, Risk Management, Legal, Compliance and Technology dimensions. Information Security is no longer merely a technical issue; it must be managed. The need for an Information Security Management strategy is discussed in chapter 3 of the study. A successful management strategy should be based on a well-defined Information Security Architecture. Part 2 of the study, Information Security Architectures, consists of one chapter. Chapter 4 of the study discusses and compares different Information Security Architectures. The study uses the information gathered from the comparative study and the best practices CobiT and ISO17799 to propose a new Information Security Architecture: RISA. The study uses this architecture as a framework for the assessment model. Part 3: Assessing security consists of five chapters. Chapter 5 discusses the characteristics of assessment and proposes an assessment framework.
The study recognizes that assessment on the different levels of an organization will be different, as the assessment requirements on management level will differ from the requirements on a technical level. It is important to use best practices in the assessment model, as it enables organizations to prove their security readiness and status to business partners. Best practices and standards enable organizations to implement security in a structured way. Chapter 6 discusses ISO17799 and CobiT as best practices and their role in the assessment process. Chapter 7 of the study discusses various factors that will influence security assessment in an organization. These factors are the size of the organization, the type of organization and the resources that need to be secured. The chapter briefly discusses the various dimensions of Information Security and identifies deliverables to assess for every dimension. The chapter proposes a high-level, integrated assessment plan for Information Security, using the deliverables identified for each dimension. The study refines the assessment plan for the Policy Dimension in chapter 8. The chapter proposes various checklists to determine the completeness of the policy set, the correct format of every documented policy, and whether supporting documentation exists for every documented policy. A policy status result will be allocated to each policy that the organization needs. The status results of all the individual policies will be combined to determine the security status of the Policy dimension. The study proposes an integrated high-level assessment model in chapter 9 of the study. This model uses the RISA and the assessment plan proposed in chapter 7. It includes all the specified dimensions of Information Security. The assessment model will enable management to obtain a comprehensive high-level picture of the total security posture of an organization. Chapter 10 will summarize the research done and propose further research to be done.
, Prof. S.H. von Solms
- Full Text:
DFMF : a digital forensic management framework
- Grobler, Cornelia Petronella
- Authors: Grobler, Cornelia Petronella
- Date: 2012-08-22
- Subjects: Computer crimes - Investigation , Forensic sciences , Computer forensics
- Type: Thesis
- Identifier: uj:2937 , http://hdl.handle.net/10210/6365
- Description: D.Phil.(Computer Science) , We are living in an increasingly complex world in which much of society is dependent on technology and its various offshoots and incarnations (Rogers & Siegfried, 2004). There is ample evidence of the influence of technology on our daily lives. We communicate via e-mail, use chat groups to interact and conduct business by using e-commerce. People relate each other’s existence to a presence on Facebook. The convergence of the products, systems and services of information technology is changing the way of living. The latest smartphones and cell phones have cameras, applications, and access to social networking sites. These phones contain sensitive information, for example photographs, e-mail, spreadsheets, documents, and presentations. The loss of a cell phone may therefore pose a serious problem to an individual or an organisation, when considering privacy and intellectual property issues from an information security (Info Sec) perspective (Pieterse, 2006). Organisations have accepted the protection of information and information assets as a fundamental business requirement, and managers are therefore implementing an increasing number of security countermeasures, such as security policies, intrusion detection systems, access control mechanisms, and anti-virus products, to protect the information and information assets from potential threats. However, incidents still occur, as no system is 100% secure. The incidents must be investigated to determine their root cause and potentially to prosecute the perpetrators (Louwrens, von Solms, Reeckie & Grobler, 2006b). Humankind has long been interested in the connection between cause and event, wishing to know what happened, what went wrong and why it happened. The need for computer forensics emerged when an increasing number of crimes were committed with the use of computers and the evidence required was stored on the computer.
In 1984, a Federal Bureau of Investigation (FBI) laboratory began to examine computer evidence (Barayumureeba & Tushabe, 2004), and in 1991 the International Association of Computer Investigation Specialists (IACIS) in Portland, Oregon coined the term ‘computer forensics’ during a training session.
- Full Text: