Please use this identifier to cite or link to this item: http://dlib.scu.ac.ir/handle/2123/13373
Title: The holistic management of information security processes
subject: Cybersecurity;Information security;Strategy;Security process;Security governance;Security management
Publisher: University of Sydney
Business School
Discipline of Business Information Systems
Description: Title: The holistic management of information security processes Keywords: cybersecurity, information security, strategy, security process, security governance, security management This research examines information security management and associated processes within a large Australian financial institution by providing a rich, in-depth view of organisational information security management within the specifics of its dynamic context. Using a single in-depth qualitative case study, this research examines the role of internal and external actors in relation to the information security management processes. Relational process and stakeholder theoretical lenses are applied to derive the findings of this research. The three key outcomes of the research are: The information security management process is a product of a multitude of interactions between internal and external actors within organisations. These actors pursue individual agendas and objectives, therefore requiring those who ensure organisational information security to utilise a combination of cognitive, political and social processes to ensure cooperation. The use of such processes can contribute to the effectiveness of formal security governance, assist in embedding a security culture and help position information security as a business enabler. External and internal actors vary in their impact upon the information security process within organisations. This variation is a result of difference in power, legitimacy and urgency of these stakeholder claims. Internal and external stakeholders are continuously interacting with each other through a network of dynamic and multi-directional relationships. Identifying, prioritising and engaging with the variety of stakeholders impacting on the information management process can contribute to the achievement of organisational information security management objectives. A classification framework is provided that can guide the prioritisation process and seek appropriate modes of engagement with the
Access is restricted to staff and students of the University of Sydney . UniKey credentials are required. Non university access may be obtained by visiting the University of Sydney Library.
URI: https://ses.library.usyd.edu.au/handle/2123/13373
More Information: http://hdl.handle.net/2123/13373
Appears in Collections:Postgraduate Theses

Files in This Item:
Click on the URI links for accessing contents.
Title: The holistic management of information security processes
subject: Cybersecurity;Information security;Strategy;Security process;Security governance;Security management
Publisher: University of Sydney
Business School
Discipline of Business Information Systems
Description: Title: The holistic management of information security processes Keywords: cybersecurity, information security, strategy, security process, security governance, security management This research examines information security management and associated processes within a large Australian financial institution by providing a rich, in-depth view of organisational information security management within the specifics of its dynamic context. Using a single in-depth qualitative case study, this research examines the role of internal and external actors in relation to the information security management processes. Relational process and stakeholder theoretical lenses are applied to derive the findings of this research. The three key outcomes of the research are: The information security management process is a product of a multitude of interactions between internal and external actors within organisations. These actors pursue individual agendas and objectives, therefore requiring those who ensure organisational information security to utilise a combination of cognitive, political and social processes to ensure cooperation. The use of such processes can contribute to the effectiveness of formal security governance, assist in embedding a security culture and help position information security as a business enabler. External and internal actors vary in their impact upon the information security process within organisations. This variation is a result of difference in power, legitimacy and urgency of these stakeholder claims. Internal and external stakeholders are continuously interacting with each other through a network of dynamic and multi-directional relationships. Identifying, prioritising and engaging with the variety of stakeholders impacting on the information management process can contribute to the achievement of organisational information security management objectives. A classification framework is provided that can guide the prioritisation process and seek appropriate modes of engagement with the
Access is restricted to staff and students of the University of Sydney . UniKey credentials are required. Non university access may be obtained by visiting the University of Sydney Library.
URI: https://ses.library.usyd.edu.au/handle/2123/13373
More Information: http://hdl.handle.net/2123/13373
Appears in Collections:Postgraduate Theses

Files in This Item:
Click on the URI links for accessing contents.
Title: The holistic management of information security processes
subject: Cybersecurity;Information security;Strategy;Security process;Security governance;Security management
Publisher: University of Sydney
Business School
Discipline of Business Information Systems
Description: Title: The holistic management of information security processes Keywords: cybersecurity, information security, strategy, security process, security governance, security management This research examines information security management and associated processes within a large Australian financial institution by providing a rich, in-depth view of organisational information security management within the specifics of its dynamic context. Using a single in-depth qualitative case study, this research examines the role of internal and external actors in relation to the information security management processes. Relational process and stakeholder theoretical lenses are applied to derive the findings of this research. The three key outcomes of the research are: The information security management process is a product of a multitude of interactions between internal and external actors within organisations. These actors pursue individual agendas and objectives, therefore requiring those who ensure organisational information security to utilise a combination of cognitive, political and social processes to ensure cooperation. The use of such processes can contribute to the effectiveness of formal security governance, assist in embedding a security culture and help position information security as a business enabler. External and internal actors vary in their impact upon the information security process within organisations. This variation is a result of difference in power, legitimacy and urgency of these stakeholder claims. Internal and external stakeholders are continuously interacting with each other through a network of dynamic and multi-directional relationships. Identifying, prioritising and engaging with the variety of stakeholders impacting on the information management process can contribute to the achievement of organisational information security management objectives. A classification framework is provided that can guide the prioritisation process and seek appropriate modes of engagement with the
Access is restricted to staff and students of the University of Sydney . UniKey credentials are required. Non university access may be obtained by visiting the University of Sydney Library.
URI: https://ses.library.usyd.edu.au/handle/2123/13373
More Information: http://hdl.handle.net/2123/13373
Appears in Collections:Postgraduate Theses

Files in This Item:
Click on the URI links for accessing contents.