A Conceptual Model of an Information Security Domain Knowledge Base

Information Security breaches and threats continue to grow worldwide. Securing information systems issues persist despite the development of several Information security standards. The low adoption rate of these security standards is one of the main contributing factors for this growing problem. As emerging economies seek to be a part of the digital economy it is prudent that they make information security a priority. The lack of effective Information Security Strategies in developing countries has resulted in these countries facing the problem of becoming targets for cyber criminals. In this research we present a Conceptual Model and a design of an Information Security Domain Knowledge Base (InfoSec DKB) that can assist in developing and managing information security strategies. This design is based on a combination of decision making, security and auditing frameworks, namely concepts of the Value Focused Thinking (VFT) approach used in decision making, the Guidelines for Management of IT security (ISO/IEC 27001), Control Objectives for Information and Related Technologies (COBIT)

The Measurement Of Corporate IT Security Against The Internal Perspective

Technology is growing the impact of this technological advances, the Information Technology world at the company is competing to perform a good performance for the company. The level of security in the system in the company becomes important to note because the company has thousands of useful data for the company. The relationship between IT and business processes is closely related to each other and need each other. So in this study pharmaceutical companies located in Jakarta will make measurements of their IT security level and performance of the company's performance. Results maturity level obtained on the DS5 is 1.4, DS7 is 1, DS10 is 1.7, DS11 is 2, and DS13 is 1.8. TI can be concluded that DS5 and DS7 are still initial / ad-Hoc while DS10, DS11, & DS13 are still repeatable but intuTIive. Expected level is Level 3 for the company. IT can be concluded that IT governance in this company in terms of security has effectiveness but not yet maximally in the purpose of its business process, hence this research done to become evaluation company to improve their IT governance.Technology is growing the impact of this technological advances, the Information Technology world at the company is competing to perform a good performance for the company. The level of security in the system in the company becomes important to note because the company has thousands of useful data for the company. The relationship between IT and business processes is closely related to each other and need each other. So in this study pharmaceutical companies located in Jakarta will make measurements of their IT security level and performance of the company's performance. Results maturity level obtained on the DS5 is 1.4, DS7 is 1, DS10 is 1.7, DS11 is 2, and DS13 is 1.8. TI can be concluded that DS5 and DS7 are still initial / ad-Hoc while DS10, DS11, & DS13 are still repeatable but intuTIive. Expected level is Level 3 for the company. IT can be concluded that IT governance in this company in terms of security has effectiveness but not yet maximally in the purpose of its business process, hence this research done to become evaluation company to improve their IT governance

The Measurement Of Corporate IT Security Against The Internal Perspective

Technology is growing the impact of this technological advances, the Information Technology world at the company is competing to perform a good performance for the company. The level of security in the system in the company becomes important to note because the company has thousands of useful data for the company. The relationship between IT and business processes is closely related to each other and need each other. So in this study pharmaceutical companies located in Jakarta will make measurements of their IT security level and performance of the company's performance. Results maturity level obtained on the DS5 is 1.4, DS7 is 1, DS10 is 1.7, DS11 is 2, and DS13 is 1.8. TI can be concluded that DS5 and DS7 are still initial / ad-Hoc while DS10, DS11, & DS13 are still repeatable but intuTIive. Expected level is Level 3 for the company. IT can be concluded that IT governance in this company in terms of security has effectiveness but not yet maximally in the purpose of its business process, hence this research done to become evaluation company to improve their IT governance.Technology is growing the impact of this technological advances, the Information Technology world at the company is competing to perform a good performance for the company. The level of security in the system in the company becomes important to note because the company has thousands of useful data for the company. The relationship between IT and business processes is closely related to each other and need each other. So in this study pharmaceutical companies located in Jakarta will make measurements of their IT security level and performance of the company's performance. Results maturity level obtained on the DS5 is 1.4, DS7 is 1, DS10 is 1.7, DS11 is 2, and DS13 is 1.8. TI can be concluded that DS5 and DS7 are still initial / ad-Hoc while DS10, DS11, & DS13 are still repeatable but intuTIive. Expected level is Level 3 for the company. IT can be concluded that IT governance in this company in terms of security has effectiveness but not yet maximally in the purpose of its business process, hence this research done to become evaluation company to improve their IT governance

Qos-Security Metrics Based on ITIL and COBIT Standard for Measurement Web Services

Web Services have been widely adopted in business projects, and almost all Web Service developers agree that security factors are the principal components that must be taken into consideration. A large number of security metrics and measurements is available for specific business needs, and the best practice for different business demands is therefore needed if the quality of service security metrics (Qos-SM) is to be developed. This research proposes a new way of developing Qos-SM using Qos ontology mapping with two information system standards, COBIT and ITIL, as a result of which new Qos-SM are developed. In order to prove the correctness and precision of the metrics, the researchers have used the metrics to measure the level of security quality from Web service data sets. The experimental results, based on vector analysis, show that the same level of security quality is attained with both of the metrics developed and the metrics from previous research. This research also represents the metrics in the form of a class diagram, thus facilitating its application in the organization

Qos-Security Metrics Based on ITIL and COBIT Standard for Measurement Web Services

Abstract: Web Services have been widely adopted in business projects, and almost all Web Service developers agree that security factors are the principal components that must be taken into consideration. A large number of security metrics and measurements is available for specific business needs, and the best practice for different business demands is therefore needed if the quality of service security metrics (Qos-SM) is to be developed. This research proposes a new way of developing Qos-SM using Qos ontology mapping with two information system standards, COBIT and ITIL, as a result of which new Qos-SM are developed. In order to prove the correctness and precision of the metrics, the researchers have used the metrics to measure the level of security quality from Web service data sets. The experimental results, based on vector analysis, show that the same level of security quality is attained with both of the metrics developed and the metrics from previous research. This research also represents the metrics in the form of a class diagram, thus facilitating its application in the organization