Evaluate information security governance frameworks in cloud computing environment using main and sub criteria

In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. Howev...

Full description

Saved in:
Bibliographic Details
Main Authors: Al-Hashimi, M., Al-Nidawi, W.J., Othman, M., Shakir, M., Sulaiman, H.
Format: Article
Language:English
Published: 2020
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.uniten.dspace-13124
record_format dspace
spelling my.uniten.dspace-131242020-03-12T04:31:42Z Evaluate information security governance frameworks in cloud computing environment using main and sub criteria Al-Hashimi, M. Al-Nidawi, W.J. Othman, M. Shakir, M. Sulaiman, H. In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. However, no standard or common criteria have been specified to help organizations in evaluating and selecting the proper cloud computing information security governance framework. Hence, this paper aims to identified the main and sub criteria to help organizations for evaluating the target frameworks. To achieve this aim, a critical review has been conducted to identify the current frameworks. The related frameworks are analyzed to indicate and identify the main and sub criteria that can be used to evaluate the current frameworks and facilitate the frameworks selection process. All criteria will be subjected to an evaluation process via interviews with specialists to define the criteria significance and capability in evaluating and differentiating the existing frameworks. The interview data is analyzed using content analysis method. The analysis of interviews data has found that all the experts agreed that main and sub criteria are very important, 20% of them indicated that these criteria are essential but lack to other sub-criteria such as awareness, valuation of assets and documents control. Furthermore, 70% of the experts indicated that it is difficult to rank the criteria because they have the same importance. Following that, it is recommended that a considerable work is still needed to specify a proper selection method of a suitable cloud computing information security governance framework based on standard or common criteria. Copyright © 2019 American Scientific Publishers All rights reserved. 2020-02-03T03:30:33Z 2020-02-03T03:30:33Z 2019 Article 10.1166/jctn.2019.7989 en
institution Universiti Tenaga Nasional
building UNITEN Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Tenaga Nasional
content_source UNITEN Institutional Repository
url_provider http://dspace.uniten.edu.my/
language English
description In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. However, no standard or common criteria have been specified to help organizations in evaluating and selecting the proper cloud computing information security governance framework. Hence, this paper aims to identified the main and sub criteria to help organizations for evaluating the target frameworks. To achieve this aim, a critical review has been conducted to identify the current frameworks. The related frameworks are analyzed to indicate and identify the main and sub criteria that can be used to evaluate the current frameworks and facilitate the frameworks selection process. All criteria will be subjected to an evaluation process via interviews with specialists to define the criteria significance and capability in evaluating and differentiating the existing frameworks. The interview data is analyzed using content analysis method. The analysis of interviews data has found that all the experts agreed that main and sub criteria are very important, 20% of them indicated that these criteria are essential but lack to other sub-criteria such as awareness, valuation of assets and documents control. Furthermore, 70% of the experts indicated that it is difficult to rank the criteria because they have the same importance. Following that, it is recommended that a considerable work is still needed to specify a proper selection method of a suitable cloud computing information security governance framework based on standard or common criteria. Copyright © 2019 American Scientific Publishers All rights reserved.
format Article
author Al-Hashimi, M.
Al-Nidawi, W.J.
Othman, M.
Shakir, M.
Sulaiman, H.
spellingShingle Al-Hashimi, M.
Al-Nidawi, W.J.
Othman, M.
Shakir, M.
Sulaiman, H.
Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
author_facet Al-Hashimi, M.
Al-Nidawi, W.J.
Othman, M.
Shakir, M.
Sulaiman, H.
author_sort Al-Hashimi, M.
title Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_short Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_full Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_fullStr Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_full_unstemmed Evaluate information security governance frameworks in cloud computing environment using main and sub criteria
title_sort evaluate information security governance frameworks in cloud computing environment using main and sub criteria
publishDate 2020
_version_ 1662758818261499904
score 13.222552