M.Sc. (Informatics) / A need has been identified for guidelines to Top Management on the implementation of an Information Security Policy and its associated documentation. In this dissertation, the Model for Information Security Documentation (lSD-model) for the organisation and content of documentation on information security is proposed. The proposed model is divided into three distinct levels respectively containing the Information Security Policy Document, the Goal Documents and the Application Guideline Documents. A document is placed on the different levels of the ISO-model according to the amount of detailed information it contains and the management level mainly concerned with that document. Guidelines are given regarding the content and format of each of the levels. Particular emphasis is laid on the Information Security Policy Document, which is the highest level, and a number of existing Information Security Policy Documents are evaluated according to the guidelines given for the lSD-model. Finally, a comparison is made between C. C. Wood's guidelines on Information Security Policies and those given for the ISO-model.
Identifer | oai:union.ndltd.org:netd.ac.za/oai:union.ndltd.org:uj/uj:13100 |
Date | 20 November 2014 |
Creators | Du Toit, Louisa Maria |
Source Sets | South African National ETD Portal |
Detected Language | English |
Type | Thesis |
Rights | University of Johannesburg |
Page generated in 0.0016 seconds