Ke arah implementasi sistem polisi keselamatan ICT kajian kes : Pusat Teknologi Maklumat dan Komunikasi

Abstract

Breach of safety incidence occurs frequently to organization that own internet connections especially if it is a public internet service facility. The problem exist to CICT-UTM as well as other government organization in preparing the internet connection to users. The study is based on questionaires of respondents at CICT that concluded that the internet security problem may be reduced by implementing an ICT policy, give an awareness to users globally and fully enforced the strict policy to users. Even though that on-shelf security and policy system are existed in the market, but mostly is about and focusing on the evaluation of the risk and managing the risk. This difficulty has made the IT management of the faculty and centres in UTM making their own initiatives by making and implementing the policy that only suit their own requirement. For example, PSZ-UTM is enforcing their own developed ICT policy and enforcing it by policing the user frequently. This projects is about developing, preparing and designing a system for ICT security policy that will assist the security implementer around the UTM-Campus. It will also assume that CICT will act as ICT security policy secretariat with the role of preparing the comprehensive safety policy documentations. The security policy document created in the thesis is in compliance with international standard organization of ISO27011 and Policy of Security of Information Technology and Communication for Public Sector produced by MAMPU. A web based ICT safety policy system develop in the projects will assist the internet administrator in providing a better and effective services in UTM.