Abstract
Nowadays, access to reliable information has become an essential factor leading to success in business. In this regard, adequate security of information and systems that process it is critical to the operation of all organizations. Therefore organizations must understand and improve the current status of their information security in order to ensure business continuity in the future. Hence, a research was conducted using Information Security Management System (ISMS) standards as reference model to highlight the practices applied in handling network threats at Telekom Malaysia Berhad (TM) organisation focusing on IPCore Network. This study addressed the control failures or weaknesses during information security incident management practice applied in organisations. This research had shown the relationship between control failure and the incident management system practice that have been applied in TM organisation. During this research, interview sessions were conducted as methodology mechanism, which involving three respondents who are responsible in incident management system environment in TM organisation. By using content analysis, the finding revealed best practice elements that there are involved the process of identifying the incidents, prioritizing incidents based on business impact, tracking incidents to closure, integrating with major IT management systems, and implementing the best practices guidelines and lesson learnt for future improvement. An effective incident management system should be capable of handling incidents event starting from planning and preparing until lesson learnt process. Therefore, this study revealed the TM organisation practice on activities throughout the incident management process, assessment issues faced during handling incident process, and determinant elements influencing the information security management system. Thus, this research proposed future recommendations for ensuring the optimization on incident management process performance effectiveness and efficiency. The adoption of the practice presented in the paper may enable similar telecommunication industry in building the capacity to better manage information security management system with precising the incident management system domain specifically.
Metadata
Item Type: | Thesis (Masters) |
---|---|
Creators: | Creators Email / ID Num. Abdul Malik, Norkhamsiah 2012330747 |
Contributors: | Contribution Name Email / ID Num. Thesis advisor Gian Singh, Jasber Kaur (Dr.) UNSPECIFIED |
Subjects: | T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Internet Protocol multimedia subsystem. Multimedia communications |
Divisions: | Universiti Teknologi MARA, Shah Alam > Faculty of Computer and Mathematical Sciences |
Programme: | Master of Science in Information Technology |
Keywords: | Information security, Management system, Network |
Date: | July 2015 |
URI: | https://ir.uitm.edu.my/id/eprint/63265 |
Download
63265.pdf
Download (169kB)