StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information Security Management System in Business Organizations in Saudi Arabia - Thesis Proposal Example

Cite this document
Summary
This paper 'Information Security Management System in Business Organizations in Saudi Arabia' tells us that information is considered to be an important asset for business organization in the modern world. Along with the advancement of technology, new methods and techniques also prevail that threaten the confidentiality…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER98.7% of users find it useful
Information Security Management System in Business Organizations in Saudi Arabia
Read Text Preview

Extract of sample "Information Security Management System in Business Organizations in Saudi Arabia"

?Research Proposal: Information security management system in business organizations in Saudi Arabia Information is considered to be an important asset for any business organization in the modern competitive world. Along with the advancement and benefits of technology, new methods and techniques also prevail that threaten the confidentiality, availability and integrity of data. Incompetent business processes and operations also threaten the intellectual assets of the organization. It is due to these reasons that the information security management systems have become vital for organizations. Saudi Arabia is considered to be in the initial phases of the integration of technology in their business organizations. The paper will evaluate the status of the integration of information security in the organizations and the reasons for minimal adaptation of the respective system in the region. The paper will also include some productive techniques that can improve the position of information security management systems in Saudi business organizations. 1. Problem Statement The advent of computers has caused revolutionary changes in the way businesses are run. Information management systems have given a structured format to the business processes and operations. The intellectual assets of the company get organized into standard formats due to the integration of information technology. However, along with these benefits of IT incorporation, there exist concerns regarding the security and privacy of the intellectual assets that are maintained by the IT infrastructure. Confidentiality of the data is feared as the exposure of company’s data (to malicious intent users) can cause serious harm to the organization’s position in the market. Integrity of the data is valuable to the organization so that it is not modified by any source and thus, does not mislead the organization into making wrong decisions. Availability of the data is important to make it useful in the hour of need by the concerned authorities for effective decision making. It is due to some of these concerns that information security management systems have been devised and widely implemented in business organizations around the world. According to Tipton and Krause (2008); information security management system is defined as the set of steps that are undertaken to manage and safeguard the confidentiality, integrity and availability of the intellectual assets and data of the organization. Over the years, information security management systems have gained much fame and acceptance since all organizations want to ensure that their data is not threatened and manipulated at any level. The domain of information security management system has mostly been researched and adapted by Western countries like USA, UK and Australia. Countries like Saudi Arabia are relatively behind these developed countries in the criteria of incorporating technology in their business organizations. 2. Research Objectives The research of the proposed title will be conducted according to the following research objectives: To investigate the level of awareness of the Saudi business organizations about the need of implementing an information security management system. To research the different aspects that might be the cause of variation of endeavours for the integration of information security management systems between the Western countries and Saudi Arabia. To investigate the organizational processes that can increase the awareness and applications of information security management systems in Saudi business organizations. 3. Literature Review Before the proposal of some effective strategies, it is important to analyze the reasons of non-compliance with the information security management procedures in business organizations in Saudi Arabia. The respective country has shown commitment towards the incorporation and progress of information technology in their region. According to Ministry of Communications and Information Technology (2006), they even developed a National Communication and IT plan in 2005. It comprised of a five year plan and a ten year plan to ensure consistent growth in the respective field. Many of the organizations have opted for information management systems to manage their business processes; however, Hill, Loch, Straub and El-sheshai (1998) stated that there exists a lack of commitment towards the information security in the Saudi Arabian culture. Alnatheer and Nelson (2009) pointed out that this vulnerability to their intellectual assets and data can cause serious threats to their business organizations and government agencies since technology has intervened in almost all fields of life. Hofstede (2001) stated that the national culture of any region influences the organizational behaviour and culture. Tamas (2007) explained the five dimensions of culture that are known as Hofstede’s dimensions; Power distance, the extent to which the people with lesser authority acknowledge their status in the society. It is also referred to as the degree of acceptance of the unequal distribution of power in the society. Individualism, the strength of the ties between the people in the society. Individualism also promotes the concept of being concerned with self interests more than the betterment of the whole group or society. Masculinity, the extent to which the traits of competitiveness and aggression are favoured more than the development of relations. Uncertainty avoidance, the extent to which the people in the society accept and tolerate uncertainty. It refers to the capability of the people of a certain culture to take risks. Long term orientation, the extent to which the people practice long term commitment to their customs and values. According to Chadhar and Rahmati (2004), Saudi Arabia has been witnessed to possess a culture with high power distance, high uncertainty avoidance, low individualism, low masculinity and high long term orientation. These aspects prove to be barriers in the implementation of new technologies in the organizations and transformation of the people of the society into competitive individuals who would strive for better and more secure organizational cultures. It has been found that culture has a relationship with the formulation of security policies and implementation of information security management. Schlienger and Teufel (2002) stated that culture tends to have an effect on the information security policies and measures to ensure privacy of individuals and their data. He also stated that the security culture of a region comprises of the social and ethical actions that are required to enhance the information security in organizations. The awareness and realization of the importance of security tends to change the behaviours of individuals in the organization and makes the security compliant actions as a part of their routine operations. CISCO (2007) explained that the development of a security culture in the organization is important for the implementation of an effective information security management system. Alfawaz, Nelson and Mohannak (2010) stated that the top management of the organization needs to show their consistent commitment towards the incorporation of information security management system in their organization. He also stated that effective training programs need to be organized to create awareness about the required security measures in routine business processes in the organization. He placed great stress on the compliance to the information security standards and formulation of information security policies. Alfawaz, Nelson and Mohannak (2010) agreed with the relation and influence of national culture on the incorporation of information security management in the organization. Therefore, he proposed that the environmental traits should be identified that prove to be barriers in the process and devise plans and policies to overcome them. Schlienger and Teufel (2002) proposed techniques on the same lines as Alfawaz, Nelson and Mohannak (2010) and stated that the eradication of the negative environmental effects can result in the formulation of an effective security culture in the business organization. 4. Research Procedure A deductive research approach will be used to evaluate the different reasons for minimum implementation of information security management systems in business organizations in Saudi Arabia. The cultural aspects and dimensions of Saudi Arabia shall be studied in further detail to highlight their possible effects, thus proving to be hindrances in the adoption of the respective systems. The information security management system of a Saudi business organization shall be studied in detail to evaluate its effectiveness as compared to the successful practices of western organizations. Most effective techniques and approaches shall be researched that can facilitate the formation of information security processes in a way that it becomes a part of the routine for the employees. 5. Research Resources The following resources shall be utilized for the study of the proposed topic of research: Case Studies: Several case studies shall be consulted for the knowledge of successful practices that are adapted by organizations for the incorporation of information security management systems. Literature Review: Research will be done with the help of secondary data (available in published papers and conference proceedings). Online and offline articles: Relevant management and information security magazines shall be utilized for the research of the proposed title. 6. Ethical Aspects of the Research It is assured that the content of the report will not be copied from any source or individual. The analysis of the research findings shall be a result of self-comprehension of the studied materials, whereas due credit will be given to the authors whenever their work is included in the research. Any organizational data will not be used for false purposes and its usage will be limited to the extent of this paper. References Alfawaz, S., Nelson, K & Mohannak, K 2010, ‘Information security culture: A Behaviour Compliance Conceptual Framework’, Australasian Information Security Conference (AISC), Vol 105. Alnatheer, M & Nelson, KJ 2009, ‘A Proposed Framework for Understanding Information Security Culture and Practices in the Saudi Context’, 7th Australian Information Security Management Conference, 1-3 December 2009, Kings Perth Hotel, Perth. Chadhar, MA & Rahmati, N 2004, ‘Impact of national culture on ERP systems success’, Second Australian Undergraduate Students’ Computing Conference, Melbourne, Australia. CISCO 2007, Measuring and evaluating an effective security culture, Cisco Public Information. Hofstede, G 2001, Culture's Consequences: Comparing Values, Behaviors, Institutions, and Organizations Across Nations. Thousand Oaks, Calif: Sage Publications Hill, C., Loch, K, Straub DW & El-sheshai, K 1998, ‘A Qualitative Assessment of Arab Culture and Information Technology Transfer’, Journal of Global Information Management, 6(3), 29-38 Ministry of Communications and Information Technology 2006, The National Communications and Information Technology Plan. The Vision towards the Information Society, viewed 26 February 2011, Schlienger, T & Teufel, S 2002, ‘Information Security Culture: The Socio-Cultural Dimension in Information Security Management’, Security in the Information Society: Visions and Perspectives. Tipton, HF & Krause, M 2008, Information Security Management Handbook, Sixth Edition, Volume 2, Auerbach Publications, New York. Tamas, A 2007, Geert Hofstede's Dimensions of Culture And Edward T. Hall's Time Orientations, viewed 27 February 2011, Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information security management system in business organisations in Thesis Proposal”, n.d.)
Retrieved from https://studentshare.org/health-sciences-medicine/1409177-information-security-management-system-in-business
(Information Security Management System in Business Organisations in Thesis Proposal)
https://studentshare.org/health-sciences-medicine/1409177-information-security-management-system-in-business.
“Information Security Management System in Business Organisations in Thesis Proposal”, n.d. https://studentshare.org/health-sciences-medicine/1409177-information-security-management-system-in-business.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information Security Management System in Business Organizations in Saudi Arabia

Financial Reporting Practices in a Developing Country

The concept of corporate governance achieved acknowledgment since the 1980's, when corporate organizations began exercising it as a benchmark ethical measure intended for accounting and financial reporting in addition to other fair practices.... The concept of corporate governance achieved acknowledgment since the 1980's, when corporate organizations began exercising it as a benchmark ethical measure intended for accounting and financial reporting in addition to other fair practices....
36 Pages (9000 words) Dissertation

Application of EBusiness in Saudi Arabia

This paper ''Application of EBusiness in saudi arabia'' tells us that E-business describes the act of a business utilizing an electronic network in the improvement of business processes or systems.... Factors that affect the adoption of the technology in saudi arabia include the financial position of the business.... This paper reviews the role of e-business in promoting modern business and reviews opportunities for future research on e-business with a focus on Eastern Province, saudi arabia....
24 Pages (6000 words) Research Paper

The Transactions of Governmental Authorities

The satisfaction level of e-government in saudi arabia Table of Contents Abstract 3 Background 3 Research Aim 4 Research Objectives 5 Research Questions 5 Literature Review 6 Review of Research Methodology 9 Project Plan 11 References 12 Appendices 14 Abstract The increase of complexity in the transactions of governmental authorities worldwide has led governments in most countries to adopt e-government schemes, which would result to a series of benefits for both the states and the citizens....
10 Pages (2500 words) Dissertation

Computer and Information Technology Ethics in Saudi Arabian Business Organizations: Attitudes and Approaches

This study focuses on the ethical measures reflected in the information technology within organizations in the Arab countries particularly highlighting the region of saudi arabia.... This report ''Computer and Information Technology Ethics in saudi Arabian Business Organizations: Attitudes and Approaches'' focuses on certain theoretical study work based on the institutional theories on IT and organizational learning to provide with a fundamental understanding on the ethical issues related to information systems....
8 Pages (2000 words) Report

Performance and Guanxi Effect on Job Security to Reduce Turnover Intention in Saudi Arabia

The aim of this paper is to examine effects of performance and Guanxi effect on job security to reduce turnover intention in saudi arabia.... The research tries to show the relationship between Guanxi and turnover intentions of the workers in the saudi Arabian private employment sector that has been controversial for a long time.... saudi Arabian people to a high degree respect their cultural heritages, with the largest population being Muslims and the state has a monarchical government....
15 Pages (3750 words) Research Proposal

Computer and Information Technology Ethics in Saudi Arabian Business Organizations

Research Framework:To study the ethical codes maintained in organizations in saudi arabia in the context of the use of computers and IT, this report focuses on certain theoretical study work based on the institutional theories on IT and organizational learning to provide a fundamental understanding of the ethical issues related to information systems.... The study has taken into consideration certain literature reviews and a few companies in the region of Saudi Arabia have been taken as case studies reflecting the ethical practices in business organizations on the use of computers and information technology....
8 Pages (2000 words) Case Study

Labor Market Issues

In order to have a critical evaluation of the employment relationships and varying labor markets in the hospitality industry in saudi arabia, a comparison is made with other countries.... This implies that multi-cultural diversity is yet to be considered an important subject of discussion within the hospitality and tourism industry of South Africa, unlike in saudi arabia where Saudization of jobs is promoted among Saudi nationals.... The social and cultural values of saudi arabia make the Saudis potentially participate in the hotel workforce....
8 Pages (2000 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us