IIUM Repository

Information security aligned to enterprise management

Abdullah, Istikoma and Fakhri, Nurul Fahimah and Mastoi, Qurat-ul-ain and Ibrahim, Jamaludin (2015) Information security aligned to enterprise management. Middle East Journal of Business, 10 (1). pp. 62-66. ISSN 1834-8777

[img] PDF - Published Version
Restricted to Repository staff only

Download (300kB) | Request a copy

Abstract

This paper illustrates business aligned security approach as a key element of an enterprises’s overall business strategy. Business information security is a crucial concern in enterprise management for risk handling operation. The modern era of technology security for businesses is increasingly recognized especially in business strategies. Disconnection of information security procedures and commercial strategic business objectives effects to control security spending and their risk, incidents and losses. Operational enterprise system requires aligning security practices through embedding information security risk management into the organization, however it faces major challenges to support and enable the business. Alignment security in business process is one of the biggest challenges in good organization as it needs support re- sources and time management and ways to align security to overcome business objectives. Thus, an information security management role is important as a guideline to execute Business Information Security. In addition, the systematic security management introduces a business model for critical information infrastructure protection. Organization design and strategy, people, process and technology are the elements of the model which play an effective role in information security but it requires a balance among them.

Item Type: Article (Journal)
Additional Information: 6202/45401
Uncontrolled Keywords: business aligned security, enterprises overall business strategy, business information security, information security risk management, information security management(ISM).
Subjects: T Technology > T Technology (General) > T55.4 Industrial engineering.Management engineering. > T58.5 Information technology
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button): Kulliyyah of Information and Communication Technology > Department of Information System
Kulliyyah of Information and Communication Technology > Department of Information System
Depositing User: Jamaludin Ibrahim
Date Deposited: 27 Oct 2015 16:02
Last Modified: 12 Dec 2017 17:47
URI: http://irep.iium.edu.my/id/eprint/45401

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year