Universiti Teknologi Malaysia Institutional Repository

Insider threat risk management framework

Mohd. Ambar, Mohd. Hafiz (2012) Insider threat risk management framework. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information System.

[img]
Preview
PDF
1MB

Abstract

In an organization which is actively involved in administrative or management work, data is the most valuable asset. Without proper preparation and adequate knowledge, those asset will be exposed at high risk to threat. Office of Student Affairs is the main office of the university management. It handled a lot of sensitive data and information that can be manipulated by unscrupulous people for personal gain. Any negative impact on the information can affect an organization's operations and organizational performance. The most worrying threat is caused by the insiders themselves. Threats from people inside can be specified to both technical and non technical. This problem is difficult to overcome but with the effective measures can reduce this risk to a greater minimum. Implementing risk management framework into the organization a good alternative. By creating a framework for information security that specific to an organization can help reduce this problem by deliver a practical guideline for everyday practices. The processes to produce this framework are going through selecting common feature available in existing framework. Exiting framework process was merging depending on the selected feature and threat to produce a framework that focus on UTM office of Student Affair. Those risk management framework design were specific for UTM office of Student Affair work flow by aiding and assist the organization towards securing their data confidentiality, integrity and availability.

Item Type:Thesis (Masters)
Additional Information:Thesis (Sarjana Sains Komputer (Keselamatan Maklumat)) - Universiti Teknologi Malaysia, 2012; Supervisor : Dr. Norafida Ithnin
Uncontrolled Keywords:risk management, organizational performance, integrity
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System
ID Code:32186
Deposited By: Narimah Nawil
Deposited On:21 Jun 2013 08:16
Last Modified:27 Apr 2018 01:18

Repository Staff Only: item control page