The paper "Information Security Management System" is a great example of management coursework. Information has played and continues to play a vital role in the business environment. Wang (2008 p. 761) writes that information is a major organizational asset. The decision-making process relies solely on the amount and the accuracy of the information that an organization has gathered. Wang (2008 p. 767) indicates that relevant, specific and correct information can make a massive difference to the performance and efficiency of an organization. Business organizations rely heavily on gathered information to make marketing decisions and gain competitive advantages.
However, information is susceptible to distortion and theft, and the security of valuable information is a major aspect of information systems management. In the 20th century, the security of information was not a major concern, as most of the data were transmitted and stored in hard copies. These copies could be stored in secured places, protecting them from distortion and from falling into the wrong hands. However, in this information era, information is gathered, transmitted and stored online using electronic devices. Although this technology has hugely improved the management of information, the security of the data has become an increasing problem in the last couple of years.
Security issues have become rampant in the past decade, and organizations have focused their attention on securing their data and information. According to a study conducted in 2014, information security issues have become a daily phenomenon around the world (Yeh 481). Cybercriminals and internet hackers have utilized and continue to utilize vulnerable aspects of information systems to access valuable and sensitive information. The research indicates that billions of dollars are lost every year due to online security issues (Yeh 482). Since the beginning of the 21st century, numerous research studies and publications have addressed information systems security management.
Unfortunately, a large number of these research studies have been conducted by military organizations and have not been made available to the public.
Al-Salihy, Soria. “Effectiveness of information systems security in IT organizations in Malaysia”. Proceedings of 9th Asia-Pacific Conference on Communication (2008) 2 (4), p. 716-720. Print.
Anderson, Kelton. “Convergence: A holistic approach to risk management”. Network Security, (2007) 5 (7) p. 4-37. Print.
Agnihotri, Newal. "Training and Information Technology Issue, 2005." Nuclear Plant Journal (2005) 3 (7), p. 47-78. Print.
Coles-Kemp, Lizzie, and Marianthi Theoharidou. "Insider Threat and Information Security Management." IEEE Security & Privacy (2010), 7 (2) p. 37-89. Print.
Boddy, Mark and Steven Harp. "Course of Action Generation for Cyber Security Using Classical Planning." Computers & Security (2005), 8 (4) p. 67-123. Print.
Bornman, Werner, and Les Labuschagne. "A Framework for Information Security Risk Management Communication." Computers & Security (2005), 38 (5) p. 121-178. Print.
Cone, Benjamin and Thuy D. Nguyen. "A Video Game for Cyber Security Training and Awareness." Computers & Security (2007), 5 (6) p. 47-121. Print.
Eloff, Jan H., and Mariki Eloff. "Information Security Management: a New Paradigm." IEEE Journal on Selected Areas in Communications (2003), 5 (6) p. 121-281. Print.
Doherty, Nelson, & Fulford Harrison. “Aligning the information security policy with the strategic information systems plan”. Computer and security (2006) 28 (4) p. 55-63. Print.
Dhillon, Gurpreet. “Challenges in managing information security in the New Millennium”. Information Security Management: Global Challenges in the New Millennium Hershey, 2001. 9 (8) pp. 128-152. Print.
Dark, Melissa J. "Civic Responsibility and Information Security: an Information Security Management, Service Learning Course." Information Management & Computer Security (2004), 21 (5) 48-129. Print.
Gillies, Alan. "Improving the Quality of Information Security Management Systems with ISO27000." The Tqm Journal (2011), 58 (5) p. 98-118. Print.
Hoy, Z., & Foley, A. A Structured approach to integrating to audits to create organizational efficiencies: Total Quality Management & Business Excellence, 2009, 10 p. 1-13. Print.
Hone, Kelvin. “Information security policy: what do international security standards say?” Computer and security, (2009) 21 (5) p. 402-429. Print.
Julisch, K., & Hall, M. (2010). Security and Control in the Cloud. Information Security Journal A Global Perspective, 19 (6) p. 299-309. Print.
Kwon, Sungho, Sangsoo Jang, and Jaeill Lee. "Study on the General Defects in the Information Security Management System (ISMS)." Isa Transactions (2006), 32 (5) p. 42-67. Print.
Khidzir, Nik Z., Azlinah Mohamed, and N. H. Arshad. "Information Security Risk Management: An Empirical Study on the Difficulties and Practices in ICT Outsourcing." Computers & Security (2010), 8 (6) p. 57-78. Print.
Nnolim, Anene L., and Annette L. Steenkamp. "An Approach to Information Security Management." Isa Transactions 8 (3) 16-34. Print.
Niekerk, Liesl V., and Les Labuschagne. "The Peculium Model: Information Security Risk Management for the South African SMME." Computers & Security (2006), 4 (3) p. 48-98. Print.
Onyeji Bazilian & Bronk, Joseph. “Cyber Security and Critical Energy Infrastructure”. The Electricity Journal, 2014 27 (2) p. 52–60. Print.
Ouedraogo Mourince, & Mouratidis, Holland. “Selecting a Cloud Service Provider in the age of cybercrime”. Computers & Security, (2013) 38, 3–13. Print.
Liu, Waka. “Empirical-Analysis Methodology for Information-Security Investment and Its Application to Reliable Survey of Japanese Firms”. Regular Paper, IPSJ Digital Courier, 3: 585–599. Print.
Purser, Samuel. “Improving the ROI of the security management process”. Computers & Security, (2004) 23(7), 542–546. Print.
Parkin, Simon E., Aad P. Moorsel, and Robert Coles. "An Information Security Ontology Incorporating Human-behavioural Implications." The Tqm Journal (2009), 2 (1) p. 3-16. Print.
Papadaki, Katerina, and Nineta Polemi. "Towards a Systematic Approach for Improving Information Security Risk Management Methods." Computers & Security (2007), 4 (5) p. 45-67. Print.
Ralston, Graham, and Lieb Herb. "Cyber Security Risk Assessment for SCADA and DCS Networks." Isa Transactions (2007), 5 (6) p. 127-178.
Solms, Rossouw V. "Information Security Management: Why Standards Are Important." Information Management & Computer Security (2000), 3 (9), p. 58-128. Print.
Solms, Rossouw V. "Information Security Management (3): the Code of Practice for Information Security Management (BS 7799)." Information Management & Computer Security (2001), 3 (12), p. 37-129. Print.
Shapiro Varian. “Information Rule”, Harvard Business School Press, 2010, 8 (7) 187-205.
Sundt, Ceros. “Information Security and Law”. Information Security Technical Report, 11(1) pp. 7-18. Print.
Schlienger, Thomas, and Stephanie Teufel. "Information Security Culture: The SocioCultural Dimension in Information Security Management." Computers & Security (2002), 8 (5) p. 69-129. Print.
Stepanova, Daria, Simon E. Parkin, and Aad P. Moorsel. "A Knowledge Base for Justified Information Security Decision-making." The Tqm Journal (2009), 8 (5) p. 67-121. Print.
Tanaka Matsuura & Sudoh, Obara. “Vulnerability and Information Security Investment: An Empirical Analysis of e-local Government in Japan”. Journal of Accounting and Public Policy, Elsevier, 2005 (24): 37-59. Print.
Tu Cheng & James Yuan. Critical Success Factors Analysis on Effective Information Security Management. Business information management, (2014) 6 (7) 109-121.
Wang Song. “Towards an optimal information security investment strategy”. IEEE Conference on Networking, Sensing and Control 2008, April 6 (7) pp. 756-790.
Vermeulen, Clive, and Rossouw V. Solms. "The Information Security Management Toolbox - Taking the Pain out of Security Management." Information Management & Computer Security (2002), 7 (4) p. 67-120. Print.
Yeh Change. “Threats and countermeasures for information system security: A cross-industry Study”. Information and management (2014) 44 (7) 480-512. Print.