Janez Pirc (2010) Security Policy Development and Deployment: a Case Study. EngD thesis.
The diploma thesis describes the development and deployment of three security policies for a company with more than thousand employees and several locations throughout Slovenia. The thesis begins with a detailed description of the company's environment and the perception of security – related problems. After that, the fundamental characteristics of information security and security policies are reviewed. A special focus is given on the meaning of effectiveness and deployment of security policies in a company’s practice. In this sense, the possible reasons and consequences of an unsuccessful deployment are also presented, followed by a review of two international standards dealing with security policies. In the last part of the thesis, the core ideas of proposed security policies are explained together with their relation to existing documentation in the company. Additionally, we include a short discussion on more restrictive rules, which would probably make the policy less efficient. A step by step description of the necessary activities for deploying the security policies and additions to the existing documentation is given at the end.
|Item Type: ||Thesis (EngD thesis)|
|Keywords: ||security policy, standard ISO 27002:2005, The Standard of Good Practice for Information Security, policy architecture, risk assessment, information security|
|Number of Pages: ||61|
|Language of Content: ||Slovenian|
|Mentor / Comentors: |
|Name and Surname||ID||Function|
|doc. dr. Mojca Ciglarič||256||Mentor|
|Link to COBISS: ||http://www.cobiss.si/scripts/cobiss?command=search&base=50070&select=(ID=7687764)|
|Institution: ||University of Ljubljana|
|Department: ||Faculty of Computer and Information Science|
|Item ID: ||1059|
|Date Deposited: ||15 Apr 2010 11:03|
|Last Modified: ||13 Aug 2011 00:37|
Actions (login required)