Original Research
The management of information security: A South African case study
South African Journal of Business Management | Vol 34, No 2 | a679 |
DOI: https://doi.org/10.4102/sajbm.v34i2.679
| © 2018 L. C.H. Fourie
| This work is licensed under CC Attribution 4.0
Submitted: 12 October 2018 | Published: 30 June 2003
Submitted: 12 October 2018 | Published: 30 June 2003
About the author(s)
L. C.H. Fourie, Graduate School of Business, University of Stellenbosch, South AfricaFull Text:
PDF (246KB)Abstract
The growing misuse of information technology and the increased dependence on computer technology and systems heightened the requirements for information security. Unfortunately there often is a feeling of apathy towards information security by management, which leads to an ad hoc approach to information security and resultant information and financial losses.
The main objective of the research thus was to determine the current state of information security at a large manufacturing company in South Africa. The methodology entailed a field study of which three sets of structured questionnaires on information security were an important component. Based on a literature study concerning the ideal information security and control situation and the results of the three sets of questionnaires it was possible to determine the gap, problem areas and issues of information security and control at the manufacturing company. The research clearly indicated that numerous areas for improvement exist and therefore proposes a framework for the management of information security. Although a completely secure information system may not be attainable, the valuable information asset can to a large extent be protected through proper management.
The main objective of the research thus was to determine the current state of information security at a large manufacturing company in South Africa. The methodology entailed a field study of which three sets of structured questionnaires on information security were an important component. Based on a literature study concerning the ideal information security and control situation and the results of the three sets of questionnaires it was possible to determine the gap, problem areas and issues of information security and control at the manufacturing company. The research clearly indicated that numerous areas for improvement exist and therefore proposes a framework for the management of information security. Although a completely secure information system may not be attainable, the valuable information asset can to a large extent be protected through proper management.
Keywords
No related keywords in the metadata.
Metrics
Total abstract views: 1795Total article views: 761
Crossref Citations
1. A Model of Information Assurance Benefits
Jean-Noël Ezingeard, Elspeth McFadzean, David Birchall
Information Systems Management vol: 22 issue: 2 first page: 20 year: 2005
doi: 10.1201/1078/45099.22.2.20050301/87274.3