Evaluation of an information security management system at a Mexican higher education institution

The purpose of this research was to know the degree of administrative knowledge, the degree of training of human resources, the degree of commitment of administrators and the degree of effectiveness of the administration for information security risk based on ISO/IEC 27001.The population consisted of 81 subjects (66 administrators and 15 ITD personnel). Those evaluated were employers of the administrative office of the university and also staff of the Information Technology Department (ITD). To make the comparisons, three groups of managers were formed according to classifications of administrative staff, the classification was as follows: (a) first-line manager, (b) middle management and (c) top management. About the results, it can be corroborated that administrative staff with a lower rank have more problems in making the best decisions in relation to the implementation of an ISMS, it should be noted that the first-line manager is the one who has more contact with the students and is the one who is less involved in the implementation of an ISMS. It can also be inferred that the institutionś planners are not fully trained in the institutionś information security efforts. This in turn prevents the generation of proposals for initiatives to implement an ISMS. With this shortcoming, it is possible that security breaches could be generated.


page 1

page 2

page 3

page 4


A conceptual framework of Intelligent Management Control System for Higher Education

The utilization of management control systems in university management p...

Library Information System Audit Senayan Library Management System (SLiMS) Using ISO 9126

The library serves as a vehicle for education, research, conservation, i...

Using a Binary Classification Model to Predict the Likelihood of Enrolment to the Undergraduate Program of a Philippine University

With the recent implementation of the K to 12 Program, academic institut...

Snitches Get Stitches: On The Difficulty of Whistleblowing

One of the most critical security protocol problems for humans is when y...

Teaching Information Security Management in Postgraduate Tertiary Education: The Case of Horizon Automotive Industries

Teaching cases based on stories about real organizations are a powerful ...

How to Survive a Learning Management System (LMS) Implementation? A Stakeholder Analysis Approach

To survive a learning management system (LMS) implementation an understa...

Methods to Evaluate Lifecycle Models for Research Data Management

Lifecycle models for research data are often abstract and simple. This c...

Please sign up or login with your details

Forgot password? Click here to reset