Abstract:
Information Technology is used and practiced as a support service
for business operations across all Sri Lankan organization
categories of each scale. IT Security is considered as an important
aspect in relation to the IT environments of these organizations.
Five concepts of security are defined in the research study as,
Computer Systems Security, Physical and Environmental Security,
Network Security, Procedural and Operational Security and IT
Security for End Users and Clients. IT Security approaches,
requirements and issues in Sri Lankan organizations, related to the
defined security concepts are identified and analyzed. Literature to
support the observations and results, are discussed and included in
the study.
Based on the analysis and literature study, a Security Model is
developed to address the identified issues and requirements on IT
Security structure of Sri Lankan organizations. Some
recommendations and future enhancements are also mentioned and
discussed.