Information System Security Effectiveness Attributes: A Tanzanian Company Case Study
In today-s highly globalised and competitive world
access to information plays key role in having an upper hand between
business rivals. Hence, proper protection of such crucial resource is
core to any modern business. Implementing a successful information
security system is basically centered around three pillars; technical
solution involving both software and hardware, information security
controls to translate the policies and procedure in the system and the
people to implement. This paper shows that a lot needs to be done for
countries adapting information technology to process, store and
distribute information to secure adequately such core resource.
[1] C. Alberts, and A. Dorofee, "Managing Information Security Risks: The
OCTAVE Approach", 1st Edition, USA, Addison Wesley, 2002.
[2] A. Andress, "Surviving Security: How to Integrate People, Process, and
Technology", 2nd Edition, New York, USA, Auerbach Publishers Inc.,
2004.
[3] F. Gallegos, "Educating the Masses: Audit, Control and Security of
Information Systems Today and Tomorrow" Information Systems
Control Journal, 2004 Vol.6, pp13-15.
[4] Kurtz, R.L. and Vines D.V., "The CISSP Prep Guide - Mastering the
Ten Domains of Computer Security", 1st Edition, USA, John Wiley &
Sons Inc, 2001.
[5] Ward, J. and Peppard, J., "Strategic Planning for Information Systems",
3rd Edition, West Sussex England, John Wiley & Sons Inc, 2002.
[6] Doughty, K., "Implementing Enterprise Security: A Case Study (Part
1)", Information Systems Control Journal, 2003 Vol.2, pp34-39.
[7] Doughty, K., "Implementing Enterprise Security: A Case Study (Part 2)"
Information Systems Control Journal, 2003 Vol.3, pp60-63.
[8] Federal Financial Institutions Examination Council (FFIEC), "IT
Examination Handbook: Information Security", USA, FFIEC
Publishers, 2006.
[9] Ross, S. J., "Information Security and the Resilient Enterprise",
Information Systems Control Journal, 2005 Vol.2, pp8-9.
[10] O-Bryan, S. K., "Critical Elements of Information Security Program
Success" Information Systems Control Journal, 2006 Vol.3.
[11] W. Stallings, "Cryptography and Network Security Principles and
Practices", 4th Edition, USA, Prentice Hall, 2005.
[12] H.F. Tipton and M. Krause, "Information Security Management
Handbook", 5th Edition, New York, USA, Auerbach Publishers Inc.,
2003.
[1] C. Alberts, and A. Dorofee, "Managing Information Security Risks: The
OCTAVE Approach", 1st Edition, USA, Addison Wesley, 2002.
[2] A. Andress, "Surviving Security: How to Integrate People, Process, and
Technology", 2nd Edition, New York, USA, Auerbach Publishers Inc.,
2004.
[3] F. Gallegos, "Educating the Masses: Audit, Control and Security of
Information Systems Today and Tomorrow" Information Systems
Control Journal, 2004 Vol.6, pp13-15.
[4] Kurtz, R.L. and Vines D.V., "The CISSP Prep Guide - Mastering the
Ten Domains of Computer Security", 1st Edition, USA, John Wiley &
Sons Inc, 2001.
[5] Ward, J. and Peppard, J., "Strategic Planning for Information Systems",
3rd Edition, West Sussex England, John Wiley & Sons Inc, 2002.
[6] Doughty, K., "Implementing Enterprise Security: A Case Study (Part
1)", Information Systems Control Journal, 2003 Vol.2, pp34-39.
[7] Doughty, K., "Implementing Enterprise Security: A Case Study (Part 2)"
Information Systems Control Journal, 2003 Vol.3, pp60-63.
[8] Federal Financial Institutions Examination Council (FFIEC), "IT
Examination Handbook: Information Security", USA, FFIEC
Publishers, 2006.
[9] Ross, S. J., "Information Security and the Resilient Enterprise",
Information Systems Control Journal, 2005 Vol.2, pp8-9.
[10] O-Bryan, S. K., "Critical Elements of Information Security Program
Success" Information Systems Control Journal, 2006 Vol.3.
[11] W. Stallings, "Cryptography and Network Security Principles and
Practices", 4th Edition, USA, Prentice Hall, 2005.
[12] H.F. Tipton and M. Krause, "Information Security Management
Handbook", 5th Edition, New York, USA, Auerbach Publishers Inc.,
2003.
@article{"International Journal of Business, Human and Social Sciences:50809", author = "Nerey H. Mvungi and Mosses Makoko", title = "Information System Security Effectiveness Attributes: A Tanzanian Company Case Study", abstract = "In today-s highly globalised and competitive world
access to information plays key role in having an upper hand between
business rivals. Hence, proper protection of such crucial resource is
core to any modern business. Implementing a successful information
security system is basically centered around three pillars; technical
solution involving both software and hardware, information security
controls to translate the policies and procedure in the system and the
people to implement. This paper shows that a lot needs to be done for
countries adapting information technology to process, store and
distribute information to secure adequately such core resource.", keywords = "security, information systems, controls, technology,
practices.", volume = "6", number = "10", pages = "2512-6", }