Defining Information Security As a Policy
Abstract
This report is a bachelor thesis created for the Technology Center as a part of the Software
Engineering and Management programme at the IT University of Göteborg.
The report deals with the problem of security issues in organizations with wast amounts of
data. The question at issue asked what could be done to increase information security for
the Technology Center at the IT University of Göteborg.
While solving the problem the report presents the Technology Center and what their ITresources
is and why they should be secured. The author describes the method used to
gather data that was used in a risk assessment and analysis.
The next part in the authors struggle to increase information security was to create an
information security policy. The policy is a document that all members and users of the
Technology Center should read and follow as it has rules and guidelines that can help the
organization minimize the risks found in the analysis.
The author recommends that the organization as future research creates more formal
supporting policies that focus more on a single subject like network- or user management.
Degree
Kandidatuppsats
Bachelor thesis
View/ Open
Date
2008-07-03Author
Pettersson, Göran
Series/Report no.
Report/IT University
2008:070
Language
eng