INFORMATION SECURITY MANAGEMENT IN ORGANIZATIONS
Ndungu , Maryanne; Kandel, Sushila (2015)
Centria-ammattikorkeakoulu (Keski-Pohjanmaan ammattikorkeakoulu)
2015
All rights reserved
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2015061613437
https://urn.fi/URN:NBN:fi:amk-2015061613437
Tiivistelmä
In today's globally interconnected economy, information security has become one of the most complex issues of concern at the world's leading organizations. The capital value of information is significantly increasing and forming a large part of the shareholder value due to increased dependence on information. Organizations that want to achieve competitive advantage amongst other goals have information security at the centre of their concerns.
It is now evident that information is a business enabler and it is almost impossible for an enterprise in today’s information economy to transact its business with ineffective information security. Inadequately protected organizations have turned out to be threats for their more secured counterparts. Information security is not an option for organizations that wish to maintain uninterrupted business processes.
The aim of this thesis work was to illustrate the importance of information security and its value. This thesis recognizes that information security is not only a technical issue but a governance concern as well. IT security governance structure and its importance are therefore emphasized. This thesis discusses the procedures to be followed by organizations to ensure their information is secure. It includes an in depth focus on the establishment of an organization’s unique security policy document.
It is now evident that information is a business enabler and it is almost impossible for an enterprise in today’s information economy to transact its business with ineffective information security. Inadequately protected organizations have turned out to be threats for their more secured counterparts. Information security is not an option for organizations that wish to maintain uninterrupted business processes.
The aim of this thesis work was to illustrate the importance of information security and its value. This thesis recognizes that information security is not only a technical issue but a governance concern as well. IT security governance structure and its importance are therefore emphasized. This thesis discusses the procedures to be followed by organizations to ensure their information is secure. It includes an in depth focus on the establishment of an organization’s unique security policy document.