Premium Essay

Security Management Literature Review

Submitted By
Words 962
Pages 4
CHAPTER TWO
LITERATURE REVIEW

2.1 Introduction

For a long time, university-managements have put much investment in IT security appliances towards improving system security, (Bichanga & Obara, (2014). Despite continued investment in IT security, there is increased frequency at which security of university information systems are getting breached thus compromising productivity and security of information systems that support teaching, learning, administrative and research activities, (Vacca, 2012). Research studies indicate that to ensure better IT security management, a reliable way of determining security status need to be considered besides heavy investment in security appliances, (Mong'ira, 2011). This is supported by Broadbent (2007), …show more content…
A review of the Security practices and activities as centered on the major Information technology security elements like network security, data security, personnel, malware control, and security policies, physical security and access control would help in understanding the IT security status within the universities, (Lennon, et. al, 2003)

This review encompasses network security appliances and practices, database security- including data encryption, database application security, malware control practices, implementation of information technology security policy, students and personnel management on security of information assets, physical / perimeter security control, access control within the universities as well as provision of metrics within the information security …show more content…
According to Mohlabeng, Mokwena, & Osunmakinde, (2012), among the elements of information security to be considered in the management framework are IT policies, users, network, and the general IT infrastructure security. This suggestion concurs with Jansen, (2010) which shows that holistic framework including all major elements of IT security can offer better security management for ITsystems.

Whitson, (2003) studied the model of CIA as applied in information security management within Australian universities. The model, as the study shows, guarantees confidentiality, integrity and availability of information. However, Jansen, (2010) shows that the CIA model of information security management is inadequate as it does not factor in accountability and responsibility features and hence a better security management and measurement model for information systems ought to be

Similar Documents

Premium Essay

Prison

...services, the structure and form of oversight and accountability to insure punishment is just and fair, and the measurement of cost and efficiency. To be sure, many of these issues are crucial even in the absence of a privatization debate. However, because there are impassioned proponents and opponents on both sides of the issue, the prison privatization literature has provoked both earnest debate and fractious polemic. One might expect that the importance of this topic would have elevated prison privatization research and encouraged the funding of large scale studies. In fact, there are very few studies comparing privately and publicly operated facilities. Segal and Moore (2002) identified about 23 U.S. cost comparison studies and fewer quality studies. Many of those studies were of questionable value. The most recent review, a meta-analysis by Lundahl et. al. (2009) only identified 12 studies of cost and quality meeting their criteria for sound methodology. Even with this limited set of privatization studies, different reviewers have come to opposing conclusions about what the research literature shows. Of the five reviews I cover, three conclude there is no difference between the cost and quality of private and public prisons, and two conclude private prisons are quite a bit cheaper to operate, and produce a similar level of quality. At the end of this...

Words: 5026 - Pages: 21

Premium Essay

Csec 630

...CSEC630 CSEC630 - Individual Assignment Objective: Assess the security vulnerabilities of an organization's computer/network operating systems along with the techniques used to protect them. Competencies: Critical thinking Instructions: In 10-12 double-spaced pages discuss the following: 1. The relative advantages and disadvantages of at least three different measures used to protect operating systems. 2. The ease of implementation of the measures. 3. The associated security management issues related to measures discussed above. 4. The ranking of the measures from best to worst with supporting rationale. Prepare your paper in Word. Include a minimum of 5 sources. The citations and the reference list in the paper should be formatted in accordance with APA 6th edition guidelines. The assignment is due at the end of the session week 7. Before you submit your paper, you will need to run your assignment through Turnitin.com and receive an originality report. DO NOT WAIT TO THE LAST MINUTE TO DO THIS. It might take several hours to do this. Resubmissions can take a day or more. For instructions, go to " Basic Turnitin Instructions" in the General Information module. After it meets all of the stated criteria, submit the paper AND the originality report in your Assignments Folder. * DUE DATE: End of Week 7 (Two Week assignment – Week 6 and Week 7). CSEC630 Individual Assignment Grading Criteria This assignment is worth 10 percent...

Words: 666 - Pages: 3

Premium Essay

Yup Paper

...CSEC630 CSEC630 - Individual Assignment Objective: Assess the security vulnerabilities of an organization's computer/network operating systems along with the techniques used to protect them. Competencies: Critical thinking Instructions: In 10-12 double-spaced pages discuss the following: 1. The relative advantages and disadvantages of at least three different measures used to protect operating systems. 2. The ease of implementation of the measures. 3. The associated security management issues related to measures discussed above. 4. The ranking of the measures from best to worst with supporting rationale. Prepare your paper in Word. Include a minimum of 5 sources. The citations and the reference list in the paper should be formatted in accordance with APA 6th edition guidelines. The assignment is due at the end of the session week 7. Before you submit your paper, you will need to run your assignment through Turnitin.com and receive an originality report. DO NOT WAIT TO THE LAST MINUTE TO DO THIS. It might take several hours to do this. Resubmissions can take a day or more. For instructions, go to " Basic Turnitin Instructions" in the General Information module. After it meets all of the stated criteria, submit the paper AND the originality report in your Assignments Folder. * DUE DATE: End of Week 7 (Two Week assignment – Week 6 and Week 7). CSEC630 Individual Assignment Grading Criteria This assignment is worth 10 percent...

Words: 666 - Pages: 3

Premium Essay

Hris

...Proposed Title Role of Human Resource Information System (HRIS) in an Organization The purpose of this research is to identify business organizations that have faced human resources issues in regards to information technology. Through the study, we can learn how business organizations have handled certain human resources issues related to information technology, information systems, new technology, and data security. With the changing world and constant new technology that is available, managers need to be aware of the technology that will increase effectiveness in their organization. 2. Introduction HRIS refers to software packages that address HR needs with respect to planning, employee information access, and employer regulatory compliance. The following text begins with a discussion of human resource planning, followed by human resource management systems. Human Resource Information Systems (HRIS) have become one of the most important tools for many businesses. Many firms do not realize how much time and money they are wasting on manual human resource management (HRM) tasks until they sit down and inventory their time. HRIS is advancing to become its own information technology (IT) field. It allows companies to cut costs and offer more information to employees in a faster and more efficient way. Especially in difficult economic times, it is critical for companies to become more efficient in every sector of their business; human resource (HR) is no exception. HRIS has...

Words: 1270 - Pages: 6

Free Essay

Anthrax Vaccine as a Component of the Strategic National Stockpile: a Dilemma for Homeland Security

...POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS ANTHRAX VACCINE AS A COMPONENT OF THE STRATEGIC NATIONAL STOCKPILE: A DILEMMA FOR HOMELAND SECURITY by Thomas L. Rempfer December 2009 Thesis Advisor: Second Reader: Stanley Supinski Dean Lynch Approved for public release; distribution is unlimited THIS PAGE INTENTIONALLY LEFT BLANK REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704-0188 Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instruction, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington DC 20503. 1. AGENCY USE ONLY (Leave blank) 4. TITLE AND SUBTITLE 2. REPORT DATE December 2009 3. REPORT TYPE AND DATES COVERED Master’s Thesis 5. FUNDING NUMBERS Anthrax Vaccine as a Component of the Strategic National Stockpile: A Dilemma for Homeland Security 6. AUTHOR(S) Thomas L. Rempfer 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) Naval Postgraduate School Monterey, CA 93943-5000 9. SPONSORING...

Words: 3672 - Pages: 15

Premium Essay

Homeland Security Research Design

...Homeland Security Research Design Chris Hix HSM421: Research & Analysis in Homeland Security Professor:  Kenneth Jenkins March 7, 2016 Homeland Security Research Design The United States has invested heavily in maintaining cyber security and border security in the homeland. Federal, State, and Local level initiatives have been implemented to escalate enforcement undertakings in communities across the country. These efforts are geared towards thwarting illegal border crossings and unlawful presence and occur in tandem with workplace enforcement to prevent illegal employment. However, these measures are not level with the excessive’ focus on terrorist threats displayed by agencies tasked with ensuring homeland security. The system is correctly focused on the terrorist threat posed by radical groups that are miles away while exhibiting complacency to more immediate threats. For instance, hackings, illegal immigration, human, and substance trafficking do more damage in a year than the combined damage of all terrorist activities to ever occur on American soil. Consequently, if the system is to achieve its mandate of ensuring Homeland Security, its main focus should be on immediate threats, of which cyber and border security are of most concern. The continued focus on terrorism as the central threat to homeland security necessitates an examination of the key factors that influence decision-making regarding homeland security. Hypotheses Getting the priorities right...

Words: 2565 - Pages: 11

Premium Essay

Cloud Systems or It Organisations

...Secure Data Sharing in the Cloud Danan Thilakanathan, Shiping Chen, Surya Nepal and Rafael A. Calvo 1 Introduction Cloud systems [1, 2] can be used to enable data sharing capabilities and this can provide an abundant of benefits to the user. There is currently a push for IT organisations to increase their data sharing efforts. According to a survey by InformationWeek [3], nearly all organisations shared their data somehow with 74 % sharing their data with customers and 64 % sharing with suppliers. A fourth of the surveyed organisations consider data sharing a top priority. The benefits organisations can gain from data sharing is higher productivity. With multiple users from different organisations contributing to data in the Cloud, the time and cost will be much less compared to having to manually exchange data and hence creating a clutter of redundant and possibly out-of-date documents. With social networking services such as Facebook, the benefits of sharing data are numerous [4] such as the ability to share photos, videos, information and events, creates a sense of enhanced enjoyment in one’s life and can enrich the lives of some people as they are amazed at how many people are interested in their life and well-being. For students and group-related projects, there has been a major importance for group collaborative tools [5]. Google Docs provides data sharing capabilities as groups of students or teams working on a project can share documents and can collaborate...

Words: 13400 - Pages: 54

Premium Essay

Master Student

...Economics Case Study 26 “JetBlue Airways IPO Valuation” Lecturer: Kou Lim Hong Prepared By: 1. Ms. Khoun Davy 2. Ms. Khoun Dalin 3. Ms. Chiem Sothana 4. Mr. Soksithika 5. Mr. Oag Sothearith 6. Mr. Mov Vandara MFM, Group 2 team 6 2011-2012 Outline of The Presentation I. II. Introduction of Case Study Main Problem III. Literature Review IV. Case analysis V. Conclusion Outline of The Presentation I. II. Introduction of Case Study Main Problem III. Literature Review IV. Case analysis V. Conclusion Introduction of Case Study JetBlue Airway Background  JetBlue airways are a low cost airline established in July 1999 by David Neeleman.  David Neeleman was experienced in the operations of airline and start up airlines.  The airline was to provide new levels of service in the airline travel industry, concentrating on customer service and low fares. Introduction of Case Study JetBlue Airway Background  David Neeleman plan was to commit to innovation in people, policies and technology to keep the companies planes full and thus the company profitable. To ensure this goal and the company’s future David Neeleman assembled and impressive management team and group of investors. JetBlue’s COO was to be David Barger ex-vice president of Continental Airlines. John Owen who was executive vice-president and treasurer of Southwest Airlines agreed to become JetBlue’s CFO. Introduction of Case Study JetBlue Airway Background  David Neeleman received $130million from...

Words: 982 - Pages: 4

Premium Essay

Development of Hrm Systems

...employment costs and ensure employee productivity. For the second strategy a high performance work system (Lepak et al., 2006) is proposed which focuses on investment in employees and elements of high commitment approaches. Within this system the practices focus on the growth of knowledge and skills of employees, high employment security and empowerment, such as offering intensive training and internal career opportunities. These practices can contribute to employee turnover decrease, the development of an internal knowledge base of the organization and retaining specific knowledge within the organization (Delery and Doty, 1996). The main difference between these systems is the perceived value of employees. In the first system, employees are seen as means to an end, in the second system employees are an important asset contributing to the competitive advantage of the organization. Delery and Doty (2006) hypothesize that some HR practices will always have a positive influence on firm performance, while others depend more on the environment in which they are applied. The study suggests that especially results-oriented appraisals, profit sharing and job security have positive effect...

Words: 941 - Pages: 4

Premium Essay

The Evolution of Stock Market Efficiency over Time: a Survey of the Empirical Literature

...THE EVOLUTION OF STOCK MARKET EFFICIENCY OVER TIME: A SURVEY OF THE EMPIRICAL LITERATURE Kian-Ping Lim Universiti Malaysia Sabah and Monash University and Robert Brooks Monash University Background This paper provides an insight into the empirical literature as pertains the evolution of stock market efficiency over time, with a keen focus on the weak form Efficient Market Hypothesis (EMH). The authors provide a systematic review of the correlation between several financial factors namely: Adaptive Markets Hypothesis (AMH), Efficient Markets Hypothesis (EMH), Evolving Return Predictability, Stock markets and Weak-form EMH. The authors pay keen attention on how return predictability from past price changes is affected by key players and determinants on the stock markets. From the survey they conduct, the posit that the bulk of the empirical studies examine whether the stock market under study is or is not weak-form efficient in the absolute sense, assuming that the level of market efficiency remains unchanged throughout the estimation period. The authors acknowledge that one field that has drawn extensive investigation by scholars and other players alike is the predictability of stock returns on the basis of past price changes. This is partly due to its direct implication on weak-form market efficiency. They find that a vast majority of the literature implicitly assumes the level of market efficiency remains unchanged throughout the estimation period. However, the possibility...

Words: 1925 - Pages: 8

Premium Essay

Accounting Is Good

...Peter Wysocki June 26, 2006 Commissioned by the Task Force to Modernize Securities Legislation in Canada Christian Leuz Christian Leuz is currently the Professor of Accounting at the University of Chicago, Graduate School of Business. He is also the David G. Booth Faculty Fellow. Prior to this position, Professor Leuz was the Harold Stott Term Assistant Professor in Accounting at the Wharton School of the University of Pennsylvania and Fellow at Wharton’s Financial Institution Center. His research interests include transparency and corporate governance, financial disclosure and securities regulation, and the links between the institutions of market economies. Professor Leuz earned his doctoral degree and “Habilitation” at the Goethe University Frankfurt in Germany. His most recent publications have appeared in the Journal of Financial Economics, the Journal of Accounting and Economics and the Journal of Accounting Research. He is an Associate Editor of the Journal of Accounting and Economics and serves currently on the Editorial Board of The Accounting Review, the Journal of Accounting Research, the Journal of Business, Finance and Accounting, and the International Journal of Accounting. He has received several grants and honors, of which the Geewax Terker Prize is the latest. Peter Wysocki Professor Peter Wysocki is an associate professor of management at the MIT Sloan School of Management and has been a member of the MIT accounting faculty since 2001. Peter’s research...

Words: 20952 - Pages: 84

Free Essay

Ob Individual Essay

...European Management Journal (2010) 28, 421– 440 journal homepage: www.elsevier.com/locate/emj International human resource management challenges in Canadian development INGOs Sharon L. OÕSullivan * Telfer School of Management, University of Ottawa, 55 Laurier ave East, Ottawa, ON, Canada, K1N 6N5 KEYWORDS International human resource management; International non-governmental organization; International development; Northern NGOs; Canada; Capacity building Summary Over $100 million of Canadian overseas development assistance (ODA) is channeled through international non-governmental organizations (INGOs) (CIDA, 2006). Although INGOs appear to be successful at circumventing many challenges in international development (Sachs, 2007), empirical research attesting to their international human resource management (IHRM) challenges is sparse, particularly in regard to secular, Northern INGOs. This paper responds by investigating the IHRM challenges facing Canadian INGOs as they implement ODA-funded projects in the field, and by exploring how such challenges may vary in different types of INGOs. The methodology involved semistructured interviews with 31 managers in three different Canadian development INGOs. Practical and theoretical implications are discussed. ª 2010 Elsevier Ltd. All rights reserved. Introduction The term INGO refers to ‘‘international non-governmental organization’’ (Roberts et al., 2005). Such organizations exist for diverse socioeconomic reasons...

Words: 17106 - Pages: 69

Premium Essay

Supply Chain Risk Management

...(2011) 25–34 Contents lists available at ScienceDirect Int. J. Production Economics journal homepage: www.elsevier.com/locate/ijpe Identifying risk issues and research advancements in supply chain risk management Ou Tang a,c, S. Nurmaya Musa a,b,n a Department of Management and Engineering, Link¨ping University, SE-581 83 Link¨ping, Sweden o o Department of Engineering Design and Manufacture, University of Malaya, 50603 Kuala Lumpur, Malaysia c School of Economics & Management, Tongji University, Shanghai 200092, PR China b a r t i c l e in fo Available online 3 July 2010 Keywords: Supply chain Risk management Citation/co-citation analysis abstract The purpose of this paper is to investigate the research development in supply chain risk management (SCRM), which has shown an increasing global attention in recent years. Literature survey and citation/ co-citation analysis are used to fulfil the research task. Literature survey has undertaken a thorough search of articles on selected journals relevant to supply chain operations management. Meanwhile, citation/co-citation analysis uses Web of Sciences database to disclose SCRM development between 1995 and 2009. Both the approaches show similar trends of rising publications over the past 15 years. This review has piloted us to identify and classify the potential risk associated with different flows, namely material, cash and information flows. Consequently, we identify some research gaps. Even though there is a pressing...

Words: 8250 - Pages: 33

Premium Essay

Review the Process of Implementing Cloud Computing of Smes in Uk - an Exploratory Study

...Review the process of implementing cloud computing of SMEs in UK - an Exploratory Study 1. Introduction Information technology (IT) plays an important role in increasing innovation and competitiveness and performance for small and medium-sized enterprise (SMEs). Cloud computing or on-demand computing is IT infrastructures that empower SMEs with various capabilities to store, share and access information, data and resources in third-party data center. Cloud computing when implemented strategically will help enterprises to improve their performances, processes and efficiency. Despite the importance of cloud-based computing, limited research has done to study about the implementation and usage of cloud-based computing in the SMEs within the UK context (Shiels et al., 2003). The objective of the research reviewed in this proposal is to contribute to the valuable research on cloud solutions by studying the implementation of SMEs. UK was selected for this research as in UK, SMEs accounts for the vast mojarity of all companies and it is home of innovation companies that develop with the development of information and communication technologies. The relevant literature are referred and the theoretical framework is used in this research are discussed in the next part of the paper. 2. Literature Review According to Sultan, N. A. (2011) small- and medium-sized enterprises can take a lot of advantages from embracing cloud solutions. Because no matter of what type of business...

Words: 2789 - Pages: 12

Premium Essay

Electronic Health Records Ethical Issues

...al., 2015). The public perception and concerns regarding the safety and security of EHRs is cause for concern and action by health care agencies. A systematic literature review found thirteen features that were essential to security and privacy of EHRs. These included system and application access control, compliance with security requirements, interoperability, integration and sharing, consent and choice mechanism, policies and regulation, applicability and scalability and cryptography techniques (Rezaeibagha, Win, & Susilo,...

Words: 956 - Pages: 4