Comprehensive Report: Cyber Security Planning and Compliance at KPMG

Added on 2021/06/17
KPMG
Cyber security Planning and Compliance
Executive Summary
The use of networking technology has improved operational efficiency but has increased the risk to the information accessible within a business. To protect the confidential facts of the company and its customers, an information security management system (ISMS) is needed. An ISMS minimises the risk of unauthorised access and ensures the effective deployment of protective measures. It provides a framework for improving performance in managing information security. I have been appointed consultant for KPMG Australia. As consultant, advice is given to the company regarding the implementation of an ISMS (Information Security Management System). In this report, specific guidelines are given for the execution of the ISMS. Details of ISO/IEC 27004 and ISO/IEC 27009 are provided in order to advise the company. The report gives the background of KPMG. Along with the background, the ISMS requirements that keep the company's sensitive information secure, such as confidential customer information and the company's own information and data, are discussed. The information security controls are then explained. Finally, the scope of performance evaluation and improvement is provided.
Contents
Executive Summary
Introduction
ISMS requirements
The information security controls
Performance evaluation and improvement
Conclusion
References
Introduction
Cyber security is a major challenge for companies. Compliance with cyber security standards is supported by Australia's Cyber Security Strategy of 2009, but the more challenging question is where to start. To overcome this challenge, companies have adopted international standards. ISO 27001 is helpful in implementing an information security management system and is the starting point for tackling cyber security and protecting against increasing cyber-attacks. An ISMS is an efficient approach used to manage a company's sensitive information and keep it secure. This approach implements, monitors, reviews and improves the information security of an organisation so that it achieves its business objectives. It includes people, procedures and IT systems by applying a risk management approach. An ISMS is helpful to all types of companies, whether small, medium or large. KPMG is a professional services company and a provider of risk, financial, advisory, audit, tax and regulatory services. The cyber security team at KPMG assists organisations in transforming security, privacy and the control of business-enabling platforms (Knowles et al., 2015). The system maintains the confidentiality, reliability and availability of critical business functions. An ISMS manages information security in KPMG. The system integrates information and data, keeps it confidential and makes it available at all times. The information system is expected to change over time.
ISMS requirements
An ISMS is a systematic approach required to eliminate threats such as fraud, disruption and fire from a wide range of sources. The ISMS framework contains policies and procedures to tackle security risks in an organisation and minimises the security risks to information assets. An ISMS is built on three basic concepts: confidentiality, integrity and availability (Kolkowska, Karlsson & Hedström, 2017). The requirements for, and implementation of, an ISMS in KPMG can be understood from the following points.
To protect the assets and reputation of the business:
An ISMS covers people, processes and IT systems; it is not only about antivirus software. An ISMS helps to protect KPMG against the various types of information security threats, such as cyber-attacks, data leakage or theft (Safa, Von Solms & Furnell, 2016). It protects the assets and reputation of the business. Effective security measures adopted by the company minimise financial and reputational damage, whereas weak security measures are responsible for such damage.
To comply with the latest regulatory requirements:
An ISMS ensures that proper security controls are implemented in line with the latest business requirements, whether legal, contractual or regulatory. It supports compliance with cyber security laws such as the General Data Protection Regulation (Can, 2015).
To minimise penalties and losses from data breaches:
An ISMS is a systematic way to manage risk and enables the organisation to make informed decisions. It reduces the risk of financial penalties and losses caused by a breach of data due to non-compliance with information security requirements (Tatiara, Fajar, Siregar & Gunawan, 2018). A data breach carries a huge cost in the country.
To gain competitive market advantage:
An ISMS assists KPMG in implementing good security practices, aligning them with international standards and with certified players such as Google and Microsoft (Mohammed, Omar & Nguyen, 2017). The system enhances market recognition, business growth and customer retention through innovative and modest policies. It also brings additional benefits such as authorisations and customer assurance.
To boost security audit practices:
An ISMS gives KPMG access to regular assessments and internal audits to ensure constant improvement and the efficiency of its security protocols. Adopting a global security standard means the audit extends to independent and unbiased external assessment at precise intervals, reducing the need for frequent customer audits (Nicho & MBA, 2011). The system also builds integrity with staff, clients and partner companies and exhibits due diligence.
Risk assessment:
An ISMS considers internal and external risks in the risk assessment across the company. The risks are measured, examined and evaluated against a set of determined criteria before the risk controls are executed. Such controls are applied based on the probability and likely impact of the risks. An ISMS is a framework which helps the company take proper decisions about the risks specific to its business.
To achieve standards:
An ISMS is a specialised, best-practice information security standard. Achieving such certification demonstrates to clients, regulators and investors that the company follows best practices of information security and that data is protected appropriately. The adaptive approach of the system reduces the threat of evolving risks in the organisation. It focuses on integrity as well as confidentiality. It even protects against major disasters to ensure the timely continuation of business.
The information security controls
Information security controls are not only technical or IT-related controls. They are an arrangement of different types of controls: organisational controls, IT controls and human resources controls. For instance, authenticating a procedure is an organisational control, executing a software tool is an IT control and training people is a human resources control. When information security becomes unmanageable, ISO 27001 is used to build an ISMS. It makes a complex system usable by developing a set of rules and responsibilities. Information security controls are chosen and executed on the basis of a risk assessment of the information system. Security controls are the measures undertaken to protect an information system (Almeida & Respício, 2018). They protect the information system from incidents against the privacy, reliability and accessibility of the system. There are two ways to classify security controls. One way is to group them into physical, technical and administrative control categories. The other way is to classify them by a taxonomy according to their timing relative to a security incident, that is, directive, preventive and corrective.
Physical security controls
Physical security control is the procedure for controlling physical access to sensitive information and protecting the accessibility of information. This control ensures that unauthorised people are barred from physical spaces and assets where their presence could be a threat. Computers and computing devices are considered sensitive assets and spaces and should be secured accordingly. For instance, in the case of KPMG, physical security controls are access systems such as guards, restricted areas, CCTV, administrators and door access controls. Both administrative and technical controls depend on appropriate physical security controls (Alotaibi, Furnell & Clarke, 2016).
Technical security controls
Technical security controls are also known as logical controls. They consist of the hardware and software features which help to ensure the reliability and safety of data and operating systems. The hardware components separate the core and prevent overlap, clear the core to prevent jobs from clutching control, and enforce privilege levels which restrict access to the operating system. The software elements provide access management capabilities (Buccafurri et al., 2015). These elements protect electronic information in a program. It is an effective logical system which provides a means to classify, authorise and limit authenticated users to stipulated actions.
Administrative security policy
These are the policies put in place to monitor the actions of employees in dealing with the sensitive information of the organisation. They inform members how the business should be run and how day-to-day processes should be directed. The laws and rules issued by the government are a form of administrative control, as they guide a business unit. Administrative security controls can be enforced together with both technical and physical security controls (Preus et al., 2015).
Performance evaluation and improvement
KPMG reviews its ISMS at planned intervals to ensure sustainability, capability and efficiency. This includes evaluating opportunities for development and changes required to the ISMS. The system includes the security policy and objectives. An ISMS has improved the performance of KPMG by reducing losses resulting from insufficient legal and regulatory compliance. The standard operation and certification increase the trust of interested parties. It has reduced the outage time caused by incidents. It has reduced damages and increased the efficiency of business processes. There are various errors which hinder the continuity of business activity; in such cases remedial actions are taken by the ISMS (Gangwar & Date, 2015). The system has also harmonised the company and information technology aspects. It helps to ensure co-operation and the achievement of common goals. The gap between the IT and business personnel of the company is reduced. KPMG applies the ISO standard in operations and management to ensure that the company fulfils quality requirements. An ISMS has raised standards and implemented awareness of security among the employees of the organisation. An ISMS has been successful in improving the performance of KPMG by taking corrective and preventive action. The nonconformities associated with the organisation are eliminated with the implementation of the ISMS. An ISMS has helped the company to determine and implement the corrective actions needed. It has helped the company to record and review corrective actions and to determine and implement preventive actions (Chen et al., 2014). The risks are identified and attention is concentrated on the significant risks. As a consequence of the implementation of the ISMS, KPMG has reviewed its security policy, objectives and audit results, and monitored events are analysed. Information security has been modified in response to internal and external events. The performance of KPMG has been evaluated and improved after the implementation of the ISMS in three phases.
Assessment of the current situation
The maturity of KPMG's information security can be assessed from the ISMS and its divergence from best practice. The security system reviews and controls the company's technology, procedures and employees.
Preparation for the certification audit
Resource allocation: An ISMS provides professional personnel for standard implementation. It requires a significant amount of resources. The system assists with the interpretation of the standard's requirements (Furfaro et al., 2016).
Development of the documentation system: An ISMS inspects the regulations of KPMG which are linked to the requirements of the ISO 27001 standard. It provides suggestions for the development of the business. It also prepares missing documentation and the information security policy.
Risk analysis: The system analyses the risks present in the organisation. Executing a risk analysis helps KPMG to decrease risks that were not covered earlier by the organisation. It also reduces risks to a level which is acceptable to management (Anwar et al., 2017).
Statement of applicability: The statement of applicability is prepared for the ISO 27001 certification audit. In this statement the compliance of the security controls is confirmed.
ISO 27001 audit
The system enables the process of gaining ISO 27001 certification. The certification enables KPMG to prove to external parties that the company complies with the information security requirements set out in the ISO 27001 standard (Ziyabari & Aris, 2014).
Conclusion
Cyber security has given rise to the use of ISMSs. An ISMS has changed the way KPMG creates and delivers value. The ability to obtain accurate information at the right time, in the right format, for the right people has openly brought business success. The effective technology resulting from the ISMS has realised its full potential and reduced risk. KPMG has moved cyber security to the heart of the company. The ISMS has enlarged the range of services, and the company has invested greatly in research and development and in acquisitions. The company has also achieved the highest score for current offering and strategy. KPMG has made significant cyber acquisitions and improved company performance. From this report, it can be concluded that the implementation of an ISMS has protected the assets and reputation of the business, complied with the latest regulatory requirements, minimised penalties and losses from data breaches, gained competitive market advantage and boosted security audit practices. Information security can be controlled by measures such as physical, technical and administrative security. The implementation of an ISMS has made it easy for the company to evaluate and improve performance.
References
Almeida, L. and Respício, A., 2018. Decision support for selecting information security controls. Journal of Decision Systems, pp. 1-8.
Alotaibi, M., Furnell, S. and Clarke, N., 2016, December. Information security policies: A review of challenges and influencing factors. In Internet Technology and Secured Transactions (ICITST), 2016 11th International Conference for (pp. 352-358). IEEE.
Anwar, M., He, W., Ash, I., Yuan, X., Li, L. and Xu, L., 2017. Gender difference and employees' cybersecurity behaviors. Computers in Human Behavior, 69, pp. 437-443.
Buccafurri, F., Fotia, L., Furfaro, A., Garro, A., Giacalone, M. and Tundis, A., 2015, September. An analytical processing approach to supporting cyber security compliance assessment. In Proceedings of the 8th International Conference on Security of Information and Networks (pp. 46-53). ACM.
Can, N., 2015, June. Legal issues concerning the cyber security of GNSS. In Recent Advances in Space Technologies (RAST), 2015 7th International Conference on (pp. 861-864). IEEE.
Chen, C.Y., Lin, C., Lu, T.H., Chen, H.F. and Chou, J.N., 2014. Core Competence of Information Security Service Specialists in System Integration Service Provider. In Proceedings of the 2nd International Conference on Intelligent Technologies and Engineering Systems (ICITES2013) (pp. 435-443). Springer, Cham.
Furfaro, A., Gallo, T., Garro, A., Saccà, D. and Tundis, A., 2016, May. Requirements specification of a cloud service for cyber security compliance analysis. In Cloud Computing Technologies and Applications (CloudTech), 2016 2nd International Conference on (pp. 205-212). IEEE.
Gangwar, H. and Date, H., 2015. Exploring Information Security Governance in Cloud Computing Organisation. International Journal of Applied Management Sciences and Engineering (IJAMSE), 2(1), pp. 44-61.
Knowles, W., Prince, D., Hutchison, D., Disso, J.F.P. and Jones, K., 2015. A survey of cyber security management in industrial control systems. International Journal of Critical Infrastructure Protection, 9, pp. 52-80.
Kolkowska, E., Karlsson, F. and Hedström, K., 2017. Towards analysing the rationale of information security non-compliance: Devising a Value-Based Compliance analysis method. The Journal of Strategic Information Systems, 26(1), pp. 39-57.
Mohammed, D., Omar, M. and Nguyen, V., 2017. Enhancing Cyber Security for Financial Industry through Compliance and Regulatory Standards. In Security Solutions for Hyperconnectivity and the Internet of Things (pp. 113-129). IGI Global.
Nicho, M. and MBA, M., 2011. Effectiveness of the PCI DSS 2.0 on Preventing Security Breaches: A Holistic perspective. Retrieved online on 23rd January from http://www.sc2labs.com/public/uploaded/Effectiveness-of-PCI-DSS.pdf.
Preus, S., Noer, S.L., Hildebrandt, L.L., Gudnason, D. and Birkedal, V., 2015. iSMS: single-molecule FRET microscopy software. Nature Methods, 12(7), p. 593.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance model in organizations. Computers & Security, 56, pp. 70-82.
Tatiara, R., Fajar, A.N., Siregar, B. and Gunawan, W., 2018, March. Analysis of factors that inhibiting implementation of Information Security Management System (ISMS) based on ISO 27001. In Journal of Physics: Conference Series (Vol. 978, No. 1, p. 012039). IOP Publishing.
Ziyabari, S.K. and Aris, I.B., 2014. A critical review of sustainable radio frequency identification (RFID)-based livestock monitoring and management systems: towards quality products and practices. Journal of New Sciences, 12.