期刊名称:International Journal of Soft Computing & Engineering
电子版ISSN:2231-2307
出版年度:2016
卷号:6
期号:3
页码:1-6
出版社:International Journal of Soft Computing & Engineering
摘要:Strategic Information Systems Planning (SISP)and pertinent Information Security Policy (ISP) in organisationsare largely inevitable in the contemporary business systems.Embedding information security policy within the organisation’sstrategic information system planning is essential for theeffectiveness of using information systems in modern systems in asecure environment. A survey of relevant literature on SISP andISP in organisations’ processes reveals a close relationshipbetween them and draws attention to how contradictions withinthis relationship may threaten as well. We explore the importanceof embedding the ISP process within the SISP, and how these twoissues are vital to organisations. It is further established theinevitable complementary role of these to ensure the effectivenessof contemporary information systems. The strategic planninginformation system makes certain that new systems are deployedin a way that maintains the strategic objectives of an organisationwhile the security policy provides a framework for verifying thatsystems are shaped and managed in a secure manner. EmbeddingISP in SISP appears to increase progressively the securitycapability of an organisation, and hence, the deliverables from theSISP process may be more effective, efficient and hencefsystemscame with huge complexities beneficial to the organisation.Although organisations may face security glitches throughout theapplication and operational phase, they must try hard such aninevitable embedding to avoid certain catastrophic risks, assurebusiness continuity and enhance overall productivity. Finally, acyber sensitive audit and control based ISP Components-basedframework is proposed for embedding ISP into SISP, right frominstantiation..
关键词:Strategic Information Systems Strategy;Information Systems (IS); Information Technology (IT);Information Security Policy; Contemporary Business; Security;Risk; Business Continuity Planning (BCP).
