Evaluate information security governance frameworks in cloud computing environment using main and sub criteria

In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. Howev...

Full description

Saved in:
Bibliographic Details
Main Authors: Al-Hashimi M., Al-Nidawi W.J., Othman M., Shakir M., Sulaiman H.
Other Authors: 57195380909
Format: Article
Published: American Scientific Publishers 2023
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Universiti Tenaga Nasional
id my.uniten.dspace-24749
record_format dspace
spelling my.uniten.dspace-247492023-05-29T15:26:38Z Evaluate information security governance frameworks in cloud computing environment using main and sub criteria Al-Hashimi M. Al-Nidawi W.J. Othman M. Shakir M. Sulaiman H. 57195380909 57190296377 24824928800 57057236900 54903312800 In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. However, no standard or common criteria have been specified to help organizations in evaluating and selecting the proper cloud computing information security governance framework. Hence, this paper aims to identified the main and sub criteria to help organizations for evaluating the target frameworks. To achieve this aim, a critical review has been conducted to identify the current frameworks. The related frameworks are analyzed to indicate and identify the main and sub criteria that can be used to evaluate the current frameworks and facilitate the frameworks selection process. All criteria will be subjected to an evaluation process via interviews with specialists to define the criteria significance and capability in evaluating and differentiating the existing frameworks. The interview data is analyzed using content analysis method. The analysis of interviews data has found that all the experts agreed that main and sub criteria are very important, 20% of them indicated that these criteria are essential but lack to other sub-criteria such as awareness, valuation of assets and documents control. Furthermore, 70% of the experts indicated that it is difficult to rank the criteria because they have the same importance. Following that, it is recommended that a considerable work is still needed to specify a proper selection method of a suitable cloud computing information security governance framework based on standard or common criteria. Copyright � 2019 American Scientific Publishers All rights reserved. Final 2023-05-29T07:26:38Z 2023-05-29T07:26:38Z 2019 Article 10.1166/jctn.2019.7989 2-s2.0-85066976374 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85066976374&doi=10.1166%2fjctn.2019.7989&partnerID=40&md5=14d591e0f568e26e891584dd3be844f2 https://irepository.uniten.edu.my/handle/123456789/24749 16 3 996 1006 American Scientific Publishers Scopus
institution Universiti Tenaga Nasional
building UNITEN Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Tenaga Nasional
content_source UNITEN Institutional Repository
url_provider http://dspace.uniten.edu.my/
description In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. However, no standard or common criteria have been specified to help organizations in evaluating and selecting the proper cloud computing information security governance framework. Hence, this paper aims to identified the main and sub criteria to help organizations for evaluating the target frameworks. To achieve this aim, a critical review has been conducted to identify the current frameworks. The related frameworks are analyzed to indicate and identify the main and sub criteria that can be used to evaluate the current frameworks and facilitate the frameworks selection process. All criteria will be subjected to an evaluation process via interviews with specialists to define the criteria significance and capability in evaluating and differentiating the existing frameworks. The interview data is analyzed using content analysis method. The analysis of interviews data has found that all the experts agreed that main and sub criteria are very important, 20% of them indicated that these criteria are essential but lack to other sub-criteria such as awareness, valuation of assets and documents control. Furthermore, 70% of the experts indicated that it is difficult to rank the criteria because they have the same importance. Following that, it is recommended that a considerable work is still needed to specify a proper selection method of a suitable cloud computing information security governance framework based on standard or common criteria. Copyright � 2019 American Scientific Publishers All rights reserved.
author2 57195380909
author_facet 57195380909
Al-Hashimi M.
Al-Nidawi W.J.
Othman M.
Shakir M.
Sulaiman H.
format Article
author Al-Hashimi M.
Al-Nidawi W.J.
Othman M.
Shakir M.
Sulaiman H.
spellingShingle Al-Hashimi M.
Al-Nidawi W.J.
Othman M.
Shakir M.
Sulaiman H.
Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
author_sort Al-Hashimi M.
title Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_short Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_full Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_fullStr Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_full_unstemmed Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_sort evaluate information security governance frameworks in cloud computing environment using main and sub criteria
publisher American Scientific Publishers
publishDate 2023
_version_ 1806424224674349056