1st Edition
Information Security Management Systems A Novel Framework and Software as a Tool for Compliance with Information Security Standard
Introduction
Study Overview
The Scope of the Problem and Motivations
Research Positioning
Research Method
Outcome and Contributions
Book Structure
Concluding Remarks
Literature Review
Introduction
Computer Security: Term and Concept
Information Security: A Part of Computer Security
Information Security Management System Standard
Information Security Management System Framework
Existing Methods and Tools to Aid in Adopting ISO 27001
Software Development Methodologies and Performance Measurement
Methodology
Introduction
An Overview of Methodology Stages
Respondents
Data Collection Method
Data Categories
Data Analysis
Integrated Solution Framework
Introduction
The Challenges
The Motivations
Existing Frameworks: The Nine State-of-the-art Frameworks (9STAF)
Overview of ISF
The Features Comparison
ISF Components
The Mathematical Notation
Computer Algorithm
Software Development
Introduction
ISM Technologies and Front-End Architecture
The Database
Software Development Stages
Release Version
Testing Stage
Comparison of ISM with some Existing Tools
Testing The Software: RISC Investigation and SP/SQ Measurement
Introduction
Research Background
Study in Brief
The Result
PART-I: Information Security Strategies
Bank of Indonesia: A Success Story
Telkom Indonesia Corp: Lessons Learned
PART II: Information Security Behavior
Attitudes to information security
Security Awareness
Security Standard
PART III: RISC Investigation
Respondents’ Self-Assessment
Information Security Self-Awareness
Management Support
Marketing Aspects
PART IV: SP / SQ Measurement
Software Overview
Cause-Effect Analysis
The Eight Fundamental Parameters Measurement
Security Culture
Efficiency and Effectiveness
Enhance Security Literacy
Conclusions and Recommendations
The Major Findings
Recommendations and Future Research Directions
Concluding Remarks
References
Biography
Heru Susanto, PhD, is currently the head and researcher of the Computational Science & IT Governance Research Group at the Indonesian Institute of Sciences. He is also an Honorary Professor and Visiting Scholar at the Department of Information Management, College of Management and Hospitality, Tunghai University, Taichung, Taiwan. Dr. Heru has experience as an IT professional and as web division head at IT Strategic Management at Indomobil Group Corporation. He has worked as the Prince Muqrin Chair for Information Security Technologies at King Saud University in Riyadh, Saudi Arabia. He received a BSc in Computer Science from Bogor Agricultural University, an MBA in Marketing Management from the School of Business and Management Indonesia, an MSc in Information System from King Saud University, and a PhD in Information Security System from the University of Brunei and King Saud University. His research interests are in the areas of information security, it governance, computational sciences, business process re-engineering, and e-marketing.
Mohammad Nabil Almunawar, PhD, is currently a senior lecturer and the Dean of the School of Business and Economics, Universiti of Brunei Darussalam (UBD), Brunei Darussalam. Dr. Almunawar has published more than 60 papers in refereed journals, book chapters, and presentations at international conferences. He has more than 25 years of teaching experience in the area of computer and information systems. His overall research interests include applications of IT in management, electronic business/commerce, health informatics, information security, and cloud computing. He is also interested in object-oriented technology, databases and multimedia retrieval.
Dr. Almunawar received his bachelor degree in 1983 from Bogor Agricultural University, Indonesia; his master’s degree (MSc in Computer Science) from the Department of Computer Science, University of Western Ontario, London, Canada, in 1991, and a PhD from the University of New South Wales (School of Computer Science and Engineering, UNSW), Australia, in 1998.
