Information security governance challenges and critical success factors: Systematic review

AlGhamdi, Sultan; Win, Khin Than; Vlahu‐Gjorgievska, Elena

doi:10.1016/j.cose.2020.102030

Cited by 65 publications

(84 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In other words, in traditional organizations, more security is achieved by more top-down controls and less cross-functional approaches. This finding underlines the important role that modern IT technologies such as ERP can play in enhancing organizational security while improving the agility of the organization (AlGhamdi et al, 2020).…”

Section: Discussionmentioning

confidence: 59%

Developing a QFD model for prioritizing the CSFs of ERP based on the enablers of organizational agility

Ahmadzadeh

Aboumasoudi

Shahin

et al. 2020

BIJ

View full text Add to dashboard Cite

PurposeThe main purpose of this study is to develop a model for prioritizing the critical success factors (CSF) of enterprise resources planning (ERP) based on the enablers of organizational agility (OA).Design/methodology/approachFirst, the CSFs of ERP and the enablers of OA have been identified and classified using Decision-Making Trial and Evaluation Laboratory (DEMATEL), and then a three-phase quality function deployment (QFD) model has been designed to prioritize the influencing and influenced criteria. The proposed approach has been examined in the banking sector.FindingsMajor findings indicated that organizational structure, IT technology infrastructure, and commitment and support by top managers were selected as indicators with top priority.Research limitations/implicationsResearch variables were limited to the enablers of OA and the CSFs of ERP; analysis was time-consuming due to the interconnected multiple QFD phases, and findings were limited to the selected branches of a bank. The bank managers were suggested to enhance their commitment and support toward ERP. Also, it was recommended to the managers to evaluate their organizational structure and empower it as much as possible toward the fulfillment of customers' requirements and customers' expected agility.Originality/valueThe development of the QFD matrices and dividing the factors of each research variables into influencing and influenced factors distinguished this study from the literature.

show abstract

Section: Discussionmentioning

confidence: 59%

Developing a QFD model for prioritizing the CSFs of ERP based on the enablers of organizational agility

Ahmadzadeh

Aboumasoudi

Shahin

et al. 2020

BIJ

View full text Add to dashboard Cite

show abstract

“…Since security is the main concern of any organization, the level of security features available with the access management scheme should be well organized and arranged according to the time requirements. Previous authors [3][4][5][6] are mainly concerned with the analysis of information security components and risk analysis. This research focuses on managing privileged access using Active Directory services to provide an authentic and improved way of identity management for any organization.…”

Section: Introductionmentioning

confidence: 99%

Identity Governance Framework for Privileged Users

Alruwies¹,

Mishra²,

Alshehri³

2022

Computer Systems Science and Engineering

View full text Add to dashboard Cite

Information technology companies have grown in size and recognized the need to protect their valuable assets. As a result, each IT application has its authentication mechanism, and an employee needs a username and password. As the number of applications increased, as a result, it became increasingly complex to manage all identities like the number of usernames and passwords of an employee. All identities had to be retrieved by users. Both the identities and the access rights associated with those identities had to be protected by an administrator. Management couldn't even capture such access rights because they couldn't verify things like privacy and security. Identity management can help solve this problem. The concept behind identity management is to centralize identity management and manage access identity centrally rather than multiple applications with their authentication and authorization mechanisms. In this research work, we develop governance and an identity management framework for information and technology infrastructures with privileged access management, consisting of cybersecurity policies and strategies. The results show the efficiency of the framework compared to the existing information security components. The integrated identity and access management and privileged access management enable organizations to respond to incidents and facilitate compliance. It can automate use cases that manage privileged accounts in the real world.

show abstract

“…This study discusses the problems of loss of flexibility in access and of reduced allocation of resources among users, which are among the most common problems in real system applications [5]. The absence of an exceptionally flexible approval mechanism in existing access control models may impair the resource availability and work time efficiency of current applications, and limit their growth [6].…”

Section: Introductionmentioning

confidence: 99%

Multi-Level Security Model Developed to Provide Data Privacy in Distributed Database Systems

Bakir

Güçlü

2022

Teh. vjesn.

View full text Add to dashboard Cite

Information security is related to efforts put in to avoid activities such as unauthorized usage, changing or disseminating of information by having access to these pieces of information. This should not be only thought as capturing of information but also as avoiding the violation of particulars such as integrity, availability, and confidentiality. Vulnerability that occurs in any one of these three basic elements will be evaluated as violation of information security. In this study with the aim to develop a multi-level access control method, Improved Bell-LaPadula security model has been adopted to distributed systems and hence, it was aimed to show how the property of confidentiality, being one of the three basic elements in information security, has been provided. The developed model proposed in the study has been applied on data cluster which has been obtained from real life. Performance of the proposed model has been compared with the performances of Role Based Access Control and Traditional Access Control models. As the obtained results were compared, it was observed that with the proposed model data were provided in a more secure and rapid way to be shared by the users.

show abstract

Information security governance challenges and critical success factors: Systematic review

Cited by 65 publications

References 18 publications

Developing a QFD model for prioritizing the CSFs of ERP based on the enablers of organizational agility

Developing a QFD model for prioritizing the CSFs of ERP based on the enablers of organizational agility

Identity Governance Framework for Privileged Users

Multi-Level Security Model Developed to Provide Data Privacy in Distributed Database Systems

Contact Info

Product

Resources

About