DEVELOPING A MODEL FOR ENTERPRISE INFORMATION SYSTEMS SECURITY
DEVELOPING A MODEL FOR ENTERPRISE INFORMATION SYSTEMS SECURITY

Summary/Abstract: For many decades, organizations have implemented information systems for overseeing their business processes. These information systems have developed into what are known as enterprise information systems. Overall, a key part of establishing the enterprise information system in an organization is the development of security related protocol to administer these processes. In this paper, we an overview of the relevant literature on security policies within the context of enterprise information systems is discussed. Four major issues: security policy documentation, employee awareness, top management support, and access control are the key drivers associated with establishing an enterprise information security system. A model is presented to encompass these four issues within the context of corporate governance for the security of the enterprise information systems. A few interviews with Information Technology managers across distinct industry sectors were conducted to establish the validity of the conceptual framework. We summarize the paper with the future direction for this research.

• Details
• Contents