Information Security Policy Development: the Mechanism to Ensure Security Over Information Technology Systems
Information security is still in its embryonic phase. The reason is that there are certain malevolent actors in the network that are always looking for loopholes in the system and can harm organizations with their malicious activities. The development of information security policy is very important. It lays the foundations of certain significant standards and procedures that help mitigate the potential risks associated with the organization or its network. The following article has discussed information security policy and its respective development cycle for the implementation of policy infrastructure that could help secure vital data and information in an organization. A framework is explained that demonstrates the construction of a policy, keeping in mind the implementation of an effective security policy. It has elaborated the significance of auditing measures focusing on ISO-27001, the policy specifically designed for information security.
-
Information, Network, ISO-27001, Information Technology, Information Security, Policy, Audit
-
(1) Maryam Saadat
Bs, Department of International Relations, National Defence University, Islamabad, Pakistan
(2) Muhammad Umar Abbasi
Assistant Professor, Department of International Relations, National Defence University, Islamabad, Pakistan
- Flowerday, S. (2022). Information Security Policy Development and Implementation: A content analysis approach. Accessed January 10, 2022. https://www.researchgate.net/publication/3 03061017_Information_Security_Policy_ Development_and_Implementation_A_co ntent_analysis_approach
- Herath, H. S., & Herath, T. C. (2014). IT security auditing: A performance evaluation decision model. Decision Support Systems, 57, 54-63. https://doi.org/10.1016/j.dss.2013.07.010
- Layton, T. P. (2007).
- Moneer, A. (2022). Information Security Policy: A Management Practice Perspective. https://www.researchgate.net/publication/3 41579953_Cybersecurity_A_Generic_Ref erence_Curriculum.
- Montesino, R., & Fenz, S. (2011, August). Information security automation: how far can we go?. In 2011 Sixth International Conference on Availability, Reliability and Security; 280-285.
- Montesino, R. & Fenz, S. (2011).
- University of Surrey. (2022). Information security policy. Accessed January 10, 2022. https://www.surrey.ac.uk/sites/default/ files/2020-12/information-security.pdf.
- Vroom, C., & Von Solms, R. (2004). Towards information security behavioural compliance. Computers & security, 23(3), 191-198
- Wiseman, May. (2022). Implementation of information security policies in public organizations. Accessed January 10, 2022. https://www.diva- portal.org/smash/get/diva2:1133654/FULL TEXT01.pdf.
- Boehmer, W. (2008).
Cite this article
-
APA : Saadat, M., & Abbasi, M. U. (2021). Information Security Policy Development: the Mechanism to Ensure Security Over Information Technology Systems. Global International Relations Review, IV(III), 22-30. https://doi.org/10.31703/girr.2021(IV-III).04
-
CHICAGO : Saadat, Maryam, and Muhammad Umar Abbasi. 2021. "Information Security Policy Development: the Mechanism to Ensure Security Over Information Technology Systems." Global International Relations Review, IV (III): 22-30 doi: 10.31703/girr.2021(IV-III).04
-
HARVARD : SAADAT, M. & ABBASI, M. U. 2021. Information Security Policy Development: the Mechanism to Ensure Security Over Information Technology Systems. Global International Relations Review, IV, 22-30.
-
MHRA : Saadat, Maryam, and Muhammad Umar Abbasi. 2021. "Information Security Policy Development: the Mechanism to Ensure Security Over Information Technology Systems." Global International Relations Review, IV: 22-30
-
MLA : Saadat, Maryam, and Muhammad Umar Abbasi. "Information Security Policy Development: the Mechanism to Ensure Security Over Information Technology Systems." Global International Relations Review, IV.III (2021): 22-30 Print.
-
OXFORD : Saadat, Maryam and Abbasi, Muhammad Umar (2021), "Information Security Policy Development: the Mechanism to Ensure Security Over Information Technology Systems", Global International Relations Review, IV (III), 22-30
-
TURABIAN : Saadat, Maryam, and Muhammad Umar Abbasi. "Information Security Policy Development: the Mechanism to Ensure Security Over Information Technology Systems." Global International Relations Review IV, no. III (2021): 22-30. https://doi.org/10.31703/girr.2021(IV-III).04