Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. Howev...
Saved in:
Main Authors: | , , , , |
---|---|
Other Authors: | |
Format: | Article |
Published: |
American Scientific Publishers
2023
|
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Tenaga Nasional |
id |
my.uniten.dspace-24749 |
---|---|
record_format |
dspace |
spelling |
my.uniten.dspace-247492023-05-29T15:26:38Z Evaluate information security governance frameworks in cloud computing environment using main and sub criteria Al-Hashimi M. Al-Nidawi W.J. Othman M. Shakir M. Sulaiman H. 57195380909 57190296377 24824928800 57057236900 54903312800 In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. However, no standard or common criteria have been specified to help organizations in evaluating and selecting the proper cloud computing information security governance framework. Hence, this paper aims to identified the main and sub criteria to help organizations for evaluating the target frameworks. To achieve this aim, a critical review has been conducted to identify the current frameworks. The related frameworks are analyzed to indicate and identify the main and sub criteria that can be used to evaluate the current frameworks and facilitate the frameworks selection process. All criteria will be subjected to an evaluation process via interviews with specialists to define the criteria significance and capability in evaluating and differentiating the existing frameworks. The interview data is analyzed using content analysis method. The analysis of interviews data has found that all the experts agreed that main and sub criteria are very important, 20% of them indicated that these criteria are essential but lack to other sub-criteria such as awareness, valuation of assets and documents control. Furthermore, 70% of the experts indicated that it is difficult to rank the criteria because they have the same importance. Following that, it is recommended that a considerable work is still needed to specify a proper selection method of a suitable cloud computing information security governance framework based on standard or common criteria. Copyright � 2019 American Scientific Publishers All rights reserved. Final 2023-05-29T07:26:38Z 2023-05-29T07:26:38Z 2019 Article 10.1166/jctn.2019.7989 2-s2.0-85066976374 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85066976374&doi=10.1166%2fjctn.2019.7989&partnerID=40&md5=14d591e0f568e26e891584dd3be844f2 https://irepository.uniten.edu.my/handle/123456789/24749 16 3 996 1006 American Scientific Publishers Scopus |
institution |
Universiti Tenaga Nasional |
building |
UNITEN Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Tenaga Nasional |
content_source |
UNITEN Institutional Repository |
url_provider |
http://dspace.uniten.edu.my/ |
description |
In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. However, no standard or common criteria have been specified to help organizations in evaluating and selecting the proper cloud computing information security governance framework. Hence, this paper aims to identified the main and sub criteria to help organizations for evaluating the target frameworks. To achieve this aim, a critical review has been conducted to identify the current frameworks. The related frameworks are analyzed to indicate and identify the main and sub criteria that can be used to evaluate the current frameworks and facilitate the frameworks selection process. All criteria will be subjected to an evaluation process via interviews with specialists to define the criteria significance and capability in evaluating and differentiating the existing frameworks. The interview data is analyzed using content analysis method. The analysis of interviews data has found that all the experts agreed that main and sub criteria are very important, 20% of them indicated that these criteria are essential but lack to other sub-criteria such as awareness, valuation of assets and documents control. Furthermore, 70% of the experts indicated that it is difficult to rank the criteria because they have the same importance. Following that, it is recommended that a considerable work is still needed to specify a proper selection method of a suitable cloud computing information security governance framework based on standard or common criteria. Copyright � 2019 American Scientific Publishers All rights reserved. |
author2 |
57195380909 |
author_facet |
57195380909 Al-Hashimi M. Al-Nidawi W.J. Othman M. Shakir M. Sulaiman H. |
format |
Article |
author |
Al-Hashimi M. Al-Nidawi W.J. Othman M. Shakir M. Sulaiman H. |
spellingShingle |
Al-Hashimi M. Al-Nidawi W.J. Othman M. Shakir M. Sulaiman H. Evaluate information security governance frameworks in cloud computing environment using main and sub criteria |
author_sort |
Al-Hashimi M. |
title |
Evaluate information security governance frameworks in cloud computing environment using main and sub criteria |
title_short |
Evaluate information security governance frameworks in cloud computing environment using main and sub criteria |
title_full |
Evaluate information security governance frameworks in cloud computing environment using main and sub criteria |
title_fullStr |
Evaluate information security governance frameworks in cloud computing environment using main and sub criteria |
title_full_unstemmed |
Evaluate information security governance frameworks in cloud computing environment using main and sub criteria |
title_sort |
evaluate information security governance frameworks in cloud computing environment using main and sub criteria |
publisher |
American Scientific Publishers |
publishDate |
2023 |
_version_ |
1806424224674349056 |