The protection of security information in government departments requires the active engagement of executive management to assess emerging threats and provide strong security risk control measures. For most government departments, establishing effective protection of security information is a major initiative, given the often continuous, strategic nature of typical security efforts. This requires commitments or support from senior management and adequate resources. It necessitates the elevation of information security management to positions of authority commensurate to the required responsibilities. This has been the trend in recent years as government departments are increasingly dependent on their information assets and resources, while threats and disruptions continue to escalate in frequency and cost. It is clear from numerous recent studies that organisations that have taken the steps described in this research document and have implemented effective information security risk control measures have achieved significant results in reduced losses and improved resource management. Given the demonstrable benefits, it is surprising that there have not been greater progress in effectively managing information assets. Although regulatory compliance has been a major driver in improving the protection of security information overall, this study has also shown that nearly half of all government departments are failing to initiate meaningful compliance efforts. Failure to address the identified vulnerabilities by government departments will result in espionage, covert influencing manipulation, fraud, sabotage and corruption. Information security risk control measures include the elements required to provide senior management assurance that its direction and intent are reflected in the security posture of the organisation by utilising a structured approach to implement an information security programme. Once those elements are in place, senior management can be confident that adequate and effective protection of security information will protect, as far as possible, the department’s vital information assets. / Criminology and Security Science / M.Tech (Security Management)
Identifer | oai:union.ndltd.org:netd.ac.za/oai:union.ndltd.org:unisa/oai:umkn-dsp01.int.unisa.ac.za:10500/19897 |
Date | 02 1900 |
Creators | Nkwana, Mokata Johannes |
Contributors | Govender, Doraval |
Source Sets | South African National ETD Portal |
Language | English |
Detected Language | English |
Type | Dissertation |
Format | 1 online resource (xiii, 171 pages) |
Page generated in 0.0048 seconds