This paper illustrates the operationalizing process of information security best practice standards and the use of checklist approach for auditing and assessing activities to enhance and improve the information security practices in UAE security agencies. The research question is 'How can Information security best practice standards be operationalized into checklists for auditing and assessing UAE security agencies?' The topic has been selected and addressed due to the importance of information security and the current massive rise in information security threats, which targets and attacks government and private business sectors to achieve different political, military and economic objectives. The thesis consists of five main chapters, and the research methodology is the action learning research, which has been implemented to execute a project that will answer the research question. The literature will discuss three domains, operationalizing the security standards, Auditing and assessing practices as well as the benefits of using a checklist. The key objectives were, to review and analyse number of international information security standards, produce a comprehensive checklist that will facilitate the audits and assessments activities, identify the security posture and finally to enforce the implementation of the applicable security controls.
| Date of Award | 2017 |
|---|
| Original language | American English |
|---|
| Supervisor | Athol Yates (Supervisor) |
|---|
- Information security
- UAE security agencies
- and Information security best practice standards.
Operationalizing Information Security Standards in UAE Security Agencies
Aljallaf, A. (Author). 2017
Student thesis: Master's Thesis