How companies manage IT security: A comparative study of Pakistan and Sweden
Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
IT security provides comprehensive picture both internally and externally by act of ensuring that data is not lost when critical issues arise. In spite of the world has now been replaced with an imperative approach. The companies are using widely desktop computers, laptops, ipads, smart phones and workstation. The sum of all this has been influence to the IT based information and communication system in companies.
The purpose is to do research by taking a critical look at how different kind of business and non-business companies manage their IT security in Pakistan and Sweden with specific emphasis on the administrative controls. As the IT security has a list of steps but the authors focused on three major functions: IT security policy, IT security plan and IT security risk analysis.
As soon as the topic was selected the emphasis was laid on collecting and reading material related to the IT security. It became clear that the most relevant and interesting task was not merely to investigate how different companies in Pakistan and Sweden manage their IT security but infact try to understand what kind of steps and measures lies behind to achieve them. The method was adopted qualitative because it fulfil the requirements which authors want to achieve in the form of deeper understanding how different companies manage IT security in two different countries.
This study concluded that Pakistani companies in terms of IT security policy should focus on data ware houses by implementing policies for securing of exploiting the data and in case of Swedish company IT managers should implement policies for securing of personal data. Evaluation techniques are missing from the companies of Pakistan and Sweden in IT security plan. Enhancing the performing of IT risk analysis to countermeasure the threat. Pakistani companies should focus on business model of information asset. In case of Swedish company higher level and more detailed analysis can apply to core areas of the IT system. These proposed points for improvements could also help in more understanding of IT security in Pakistan and Sweden.
Place, publisher, year, edition, pages
2013. , 64 p.
Information systems, IT security, IT security Policy, IT security Planning, Perform IT security risk analysis, IT security Bulletin
IdentifiersURN: urn:nbn:se:hj:diva-21768OAI: oai:DiVA.org:hj-21768DiVA: diva2:641499
Subject / course
2013-05-23, University Campus Gjuterigatan 5, Jönköping, Jonkoping, 14:15 (English)