Institutional-Repository, University of Moratuwa.  

Methodology for practice of information security in software development companies

Show simple item record

dc.contributor.advisor Gamage C
dc.contributor.author Jayasekara EKU
dc.date.accessioned 2019
dc.date.available 2019
dc.date.issued 2019
dc.identifier.citation Jayasekara, E.K.U. (2019). Methodology for practice of information security in software development companies [Master’s theses, University of Moratuwa]. Institutional Repository University of Moratuwa. http://dl.lib.uom.lk/handle/123/16363
dc.identifier.uri http://dl.lib.uom.lk/handle/123/16363
dc.description.abstract When modern organizations are considered, information is one of the most critical assets that need to be protected against external and internal threats. Since there is a massive increase in threats related to information technology applications, information security has become a significant factor. Moreover, information security ensures business continuity and reduce the risk of damage to an organization's reputation. Therefore, internal information security management is a critical factor. There are several factors which affect implementation of information security management. This research is focused on finding out a methodology for information security management in software development companies. To achieve objective information security governance, senior management support and organizational culture factors impact on information security management in software development companies are comprehensively studied. Furthermore, existing management models such as plan, do, check and act model, maturity models, etc., were analyzed to understand its applicability to information security management. An online questionnaire was developed based on three major factors identified during the literature review and shared with Associate technical leads, Technical leads, Software architects, Project managers, Delivery managers, Information Technology managers and Heads of IT in the software industry to represent the information security decision makers in an organization. Collected data was analyzed quantitatively using a statistical tool. The research results have shown a strong positive relationship between information security governance and senior management support with information security management. Whereas Organizational culture has a very weak relationship with information security management. According to the research results, PDCA can be recommended to manage information security in Software development organizations. en_US
dc.language.iso en en_US
dc.subject COMPUTER SCIENCE – Dissertations en_US
dc.subject COMPUTER SCIENCE AND ENGINEERING – Dissertations en_US
dc.subject INFORMATION TECHNOLOGY – Dissertations en_US
dc.subject INFORMATION SECURITY en_US
dc.subject INFORMATION SECURITY MANAGEMENT en_US
dc.subject ORGANIZATIONAL CULTURE en_US
dc.subject INFORMATION SECURITY GOVERNANCE en_US
dc.subject PCDA Model en_US
dc.subject SOFRTWARE DEVELOPMENT COMPANIES en_US
dc.title Methodology for practice of information security in software development companies en_US
dc.type Thesis-Full-text en_US
dc.identifier.faculty Engineering en_US
dc.identifier.degree MBA in Information Technology en_US
dc.identifier.department Department of Computer Science & Engineering en_US
dc.date.accept 2019
dc.identifier.accno TH4402 en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record