Multicriteria Decision Analysis on Information Security Policy: A Prioritization Approach-Reference-Cited by-同舟云学术

Multicriteria Decision Analysis on Information Security Policy: A Prioritization Approach

Published:2020-10-14 Issue: Volume: Page:
ISSN:2518-2994
Container-title:Advances in Technology Innovation
language:
Short-container-title:Adv. technol. innov.

Author:

Jonathan Salar Cabrera ,Ariel Roy Luceño Reyes ,Cindy Almosura Lasco

Abstract

Security is the most serious concern in the digital environment. To provide a sound and firm security policy, a multi-holistic approach must be considered when making strategic decisions. Thus, the objective of this study was to evaluate the information security (IS) and decision making of Davao Oriental State University (DORSU) using the analytic hierarchy process (AHP) approach. The four aspects of IS, namely, the technology, management, economy, and culture were used with the three IS components consisting of confidentiality, integrity, and availability to implement the AHP. The results showed that the technology and management have higher significant values than the economic and cultural aspects. Meanwhile, for the IS components, the integrity signifies the highest priority followed by confidentiality, lastly, and availability. These results emphasize an imbalance in implementing IS policy, which must be addressed to ensure that the data integrity, confidentiality, and availability are balanced, particularly during the information exchange transactions.

Publisher

Taiwan Association of Engineering and Technology Innovation

Subject

Management of Technology and Innovation,General Engineering,Energy Engineering and Power Technology,Renewable Energy, Sustainability and the Environment,Environmental Engineering,General Computer Science

Reference26 articles.

1. R. Anderson, “Why Information Security is Hard: An Economic Perspective,” Proc. Annual Computer Security Applications Conference, December 2001, pp. 358-365.

2. J. P. Laudon and K. C. Laudon, Management Information Systems: Managing the Digital Firm, 12th ed. England: Pearson Education Limited, 2012.

3. S. Shackleford, A. Proia, B. Martell, and A. Craig, “Toward a Global Cybersecurity Standard of Care? Exploring the Implications of the 2014 NIST Cybersecurity,” Texas International Law Journal, no. 291, 2015.

4. Y. P. Surwade and H. J. Patil, “Information Security,” E-Journal of Library and Information Science, pp. 458-466, January 2019.

5. A. Singh, A. Vaish, and P. K. Keserwani, “Information Security: Components and Techniques,” International Journal of Advanced Research in Computer Science and Software Engineering, vol. 4, no. 1, pp. 1072-1077, January 2014.

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. MASISCo—Methodological Approach for the Selection of Information Security Controls;Applied Sciences;2023-01-13