AN ANALYTICAL STUDY OF INFORMATION SECURITY MANAGEMENT IN THE PUBLIC SECTOR OF ALBANIA
Abstract
Public sector organizations are in the early stages of adopting information security management in Albania. Organizations who have adopted these processes have underestimated information security within the governance framework. This study specifically investigates the information security management within public sector organizations. Its objective is to align local organizations with international standards and frameworks in terms of integrating information security management and information technology audits, risks, and control measures. A survey of selected organizations is completed and results are presented in this paper identifying the maturity level of information security management in Albanian organizations.References
Blakely, B., E. McDermott, and D. Geer. (2001). “Information Security is Information Risk Management,” Proceedings of the 2001 Workshop on New Security Paradigms (Cloudcroft,NM, Sept. 10-13), New York: ACM Press pp. 97-104.
Cazemier, J. A., P. L. Overbeek, and L. M. Peters. (2000) Security Management (IT Infrastructure Library Series), Stationery Office, UK.
Choobineh, Joobin; Dhillon, Gurpreet; Grimaila, Michael R.; and Rees, Jackie (2007) "Management of Information Security: Challenges and Research Directions," Communications of the Association for Information Systems: Vol. 20, Article 57
Drucker, P. (1999). Management Challenges for the 21st Century, New York: Harper Business Books.
Finne, T. (2000). “Information Systems Risk Management: Key Concepts and Business Processes,” Computers & Security (19)3, pp. 234-242.
Nikolakopoulos, T. (2009).Evaluating the human factor in Information Security
Whitman M., Mattord H., “Principles of Information Security”, 4th edition, 2011, pg 91-92
Internet World Statistics 2018, https://www.internetworldstats.com/stats4.htm last accessed 28.02.2018
Price Waterhouse Coopers “The Global State of Information Security”, 2018. https://www.pwc.com/us/en/services/consulting/cybersecurity/library/information-security-survey.html last accessed 28.02.2018
Copyright information
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (Creative Commons Attribution License 3.0 - CC BY 3.0) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
info@iseic.cz, www.iseic.cz, ojs.journals.cz