Jimma University Open access Institutional Repository

A Socio-Technical Analysis of Information Systems Security Assurance A Case Study for Effective Assurance

Show simple item record

dc.contributor.author Job Asheri
dc.date.accessioned 2020-12-31T07:54:19Z
dc.date.available 2020-12-31T07:54:19Z
dc.date.issued 2006
dc.identifier.uri https://repository.ju.edu.et//handle/123456789/4548
dc.description.abstract This thesis examines the concepts of Information System (IS) security assurance using a socio-technical framework. IS security assurance deals with the problem of estimating how well a particular security system will function efficiently and effectively in a specific operational environment. In such environments, the IS interact with other systems such as ethical, legal, operational and administrative. Security failure in any of these systems may result in security failure of the whole system. In this thesis a socio-technical framework is used to examine culture, usability problems, security internal controls, security requirements and re-use of security requirements of TANESCO IS systems. TANESCO is the energy utility company in Tanzania where the case study was conducted. Results show that culture affects the way people approach IS security. Also results show that the socio-technical framework is effective in modeling systems security and its environment. The re-use of security requirements is also shown to significantly minimise the time taken when developing and improving security requirements for an IS. The overall purpose of this thesis has been to develop a framework for information systems security assurance. The resulting framework of thinking brings together numerous assurance concepts into a coherent explanation that should be useful for any organisation or evaluators seeking to understand the underlying principals of systems security assurance. It contains organisational, cultural, and technical issues that should be looked at when considering and applying systems security assurance methods and techniques. en_US
dc.language.iso en en_US
dc.title A Socio-Technical Analysis of Information Systems Security Assurance A Case Study for Effective Assurance en_US
dc.type Thesis en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search IR


Browse

My Account