COIT20263 - Information Security Management: Group Discussion on A4A

Verified

Added on 2023/06/15

AI Summary

This discussion post delves into the information security management practices of Academics for Academics (A4A) through a case study analysis. It covers the ethical considerations within A4A, emphasizing the importance of ethics in safeguarding customer data and adhering to regulations like the Data Protection Act. The discussion highlights the sources of ethical approaches, including feedback mechanisms and compliance with legal standards. It also addresses the procedures for practicing ethical behavior, such as maintaining written communication and protecting student information. Furthermore, it explores how A4A's ethics extend to client treatment, including cultural initiatives and language classes. The analysis concludes by referencing various scholarly articles on information security management, risk analysis, and compliance.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: INFORMATION SECURITY MANAGEMENT
Information Security management- A Case study of Academics for Academics (A4A)
Name of the student:
Name of the university:
Author note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
INFORMATION SECURITY MANAGEMENT
Ethics in InfoSec of the members of A4A
 Importance of ethics in workplace
Ethics is one such aspect, which reflects the mentality of the personnel towards the
customers. In case of A4A, ethics reflects the approach of the personnel in terms of securing the
personal data and information of the customers. The teachers and the professors have the access
to the students’ profile, which helps in tracking the websites referred by the students for
completion of the allocated projects. The administrative personnel expose conscious approach
towards ensuring the wellbeing of the students and the clients (Lin et al. 2014). This
consciousness helps in the infrastructural development.
 Sources of ethical approach
The personnel adopt the means of survey and feedback for gaining an insight into the
reactions of the students. Herein, the professors adopt a liberal approach towards the students.
This is in terms of luring the foreign students. As a matter of specification, the professors take
into consideration Data Protection Act (1998). Adherence and compliance to the standards of this
act helps the professors to protect and secure the personal belonging of the students.
Along with this, the professors, through the consideration of this act, encourages the
students to refer only those websites, which are accessible (Yang et al. 2013). Apart from this,
compliance to this act assists the professors to safeguard the students from plagiarism and
collusion. If the students themselves in these activities, it becomes difficult for the professors to
avert the illegal courtly instances.

2
INFORMATION SECURITY MANAGEMENT
Utilization of computer and the other technologies is one of the other essential factors in
the ethical considerations of A4A. Maintenance of Computer Misutilization Act helps the
professors to encounter instances of cyber crime, resulting in the loss of company data and
information. Envisioning the wellbeing of the students has encouraged the professors to adopt
security software. In terms of placing the orders of the software, the professors maintain stable
relationship with the suppliers (Fenz et al. 2014).
 Procedures for practicing ethical approach
The possession of written communication acts as a proof for the professors in terms of
serving the terms and conditions of the contracts in a legal manner. Absence of the written proof
compels the professors to encounter illegal instances including the courtly interventions. The
previous sentence contradicts the inner essence of the term “ethics”. The information provided
by the students are protected by the professors. As a matter of specification, the information is
tracked by the admins in the process of transmission from the internal and external environment.
 Other forms of ethics
Ethics of A4A is also reflected in their treatment of the clients. The personnel organize
various cultural shows for the students and foreign delegates, who come to the institution for
taking their services. The foreign students and delegates are given a warm welcome. The
managers of the institution cater to their accommodation and the entertainment needs, so that
lucrative deals, trades and transactions are done for achieving large-scale customer satisfaction.
For gaining the feedback, the personnel adopt the methods of surveys and feedbacks (Tot,
Grubor and Marta 2015). In setting the questions of the survey and feedback, the managers
ensure that the individual sentiments of the clients are secured. Therefore, the professors avoid

3
INFORMATION SECURITY MANAGEMENT
personal questions, as it might affect the psyche of the clients. For dealing with the foreign
clients, the professors of A4A organizes languages classes. This is in terms of mitigating the
language barriers, which generates lack of confidence within the students and the clients in terms
of thinking about residing in the foreign lands. Training is provided to the students by the
professors, which is a gradual progression towards strengthening the bondage between the
students, professors and managers.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
INFORMATION SECURITY MANAGEMENT
References and bibliography
Agrawal, V., 2017. A Comparative Study on Information Security Risk Analysis
Methods. JCP, 12(1), pp.57-67.
Bamakan, S.M.H. and Dehghanimohammadabadi, M., 2015. A Weighted monte carlo simulation
approach to risk assessment of information security management system. International Journal
of Enterprise Information Systems (IJEIS), 11(4), pp.63-78.
Cavusoglu, H., Cavusoglu, H., Son, J.Y. and Benbasat, I., 2015. Institutional pressures in
security management: Direct and indirect influences on organizational investment in information
security control resources. Information & management, 52(4), pp.385-400.
Choi, M. and Lee, C., 2015. Information security management as a bridge in cloud systems from
private to public organizations. Sustainability, 7(9), pp.12032-12051.
Cholez, H. and Girard, F., 2014. Maturity assessment and process improvement for information
security management in small and medium enterprises. Journal of Software: Evolution and
Process, 26(5), pp.496-503.
Crossler, R.E., Johnston, A.C., Lowry, P.B., Hu, Q., Warkentin, M. and Baskerville, R., 2013.
Future directions for behavioral information security research. computers & security, 32, pp.90-
101.
Fenz, S., Heurix, J., Neubauer, T. and Pechstein, F., 2014. Current challenges in information
security risk management. Information Management & Computer Security, 22(5), pp.410-430.

5
INFORMATION SECURITY MANAGEMENT
Fielder, A., Panaousis, E., Malacaria, P., Hankin, C. and Smeraldi, F., 2014, June. Game theory
meets information security management. In IFIP International Information Security
Conference (pp. 15-29). Springer, Berlin, Heidelberg.
Goo, J., Yim, M.S. and Kim, D.J., 2014. A path to successful management of employee security
compliance: An empirical study of information security climate. IEEE Transactions on
Professional Communication, 57(4), pp.286-308.
Ifinedo, P., 2014. Information systems security policy compliance: An empirical study of the
effects of socialisation, influence, and cognition. Information & Management, 51(1), pp.69-79.
Kang, H.S., 2014. An analysis of information security management system and certification
standard for information security. Journal of Security Engineering, 11(6), pp.445-468.
Lin, G.T., Lin, C.C., Chou, C.J. and Lee, Y.C., 2014. Fuzzy Modeling for Information Security
Management Issues in Cloud Computing. International Journal of Fuzzy Systems, 16(4).
Nancylia, M., Mudjtabar, E.K., Sutikno, S. and Rosmansyah, Y., 2014, October. The
measurement design of information security management system. In Telecommunication Systems
Services and Applications (TSSA), 2014 8th International Conference on (pp. 1-5). IEEE.
Ortmeier, P.J., 2017. Introduction to Security. Pearson.
Park, J.H., Yi, K.J. and Jeong, Y.S., 2014. An enhanced smartphone security model based on
information security management system (ISMS). Electronic Commerce Research, 14(3),
pp.321-348.
Pathan, A.S.K. ed., 2016. Security of self-organizing networks: MANET, WSN, WMN, VANET.
CRC press.

6
INFORMATION SECURITY MANAGEMENT
Peltier, T.R., 2013. Information security fundamentals. CRC Press.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. CRC Press.
Siponen, M., Mahmood, M.A. and Pahnila, S., 2014. Employees’ adherence to information
security policies: An exploratory field study. Information & management, 51(2), pp.217-224.
Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016. Information security management needs more
holistic approach: A literature review. International Journal of Information Management, 36(2),
pp.215-225.
Tot, L., Grubor, G. and Marta, T., 2015. Introducing the Information Security Management
System in Cloud Computing Environment. Acta Polytechnica Hungarica, 12(3), pp.147-166.
Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber
security. computers & security, 38, pp.97-102.
Whitman, M. and Mattord, H., 2013. Management of information security. Nelson Education.
Yang, Y.P.O., Shieh, H.M. and Tzeng, G.H., 2013. A VIKOR technique based on DEMATEL
and ANP for information security risk control assessment. Information Sciences, 232, pp.482-
500.
Zammani, M. and Razali, R., 2016. An empirical study of information security management
success factors. International Journal on Advanced Science, Engineering and Information
Technology, 6(6), pp.904-913.