• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 1
  • Tagged with
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

An investigation into the state-of-practice of information security within Zambian copper mines: a case study

Lukweza, Chishala January 2011 (has links)
Zambian copper mines have embraced the use of information technologies for strategic operations and competitive advantage. This dependence on these technologies has not only been seen in the physical aspects of business operations but also in the use of information systems such as Enterprise Resource Planning Systems (ERPs) for strategic decision making and increased usage of Industrial Control Systems (ICS’) that are meant to enhance operational efficiency in production areas. A survey was conducted to explore leadership perceptions on information security practices in Zambian copper mines and an ISO/IEC 27002 Audit Tool was administered to middle management in a particular mine for an in-depth analysis of their information security practices. Results revealed that although information security controls may have been put in place in these organisations, there are still areas that require attention. Senior management and middle management have different perceptions as to the extent to which information security practices are conducted in these copper mines. This implies that management may not be fully involved in certain aspects of these organisations’ information security practices. The results concluded that management needs to be fully involved and provide support for information security programs. Furthermore, these information security programs should be standardised so as to effectively protect these organisations’ information assets. This should also include the involvement of personnel as key players in the information security process.

Page generated in 0.115 seconds