A model for the development of an organization's information system (IS) security system

Abstract

This thesis addresses the development of a system to secure appropriately an organization from some discernible threats posed by the presence, power, and applications of its computers. It presents a conceptual definitional framework for an information system (IS) security system. This framework consists of the system's objectives environment; resources; components (tasks); and management. A generic development model is established to construct a security system within this framework. The model consists of planning, design, and implementation (installation, testing, and management) phases. Conclusions are drawn which present the continuing need for such a development process within an organization. The development model is considered sufficient enough to serve as a basis for the performance of security system developments within a broad range of organizations.