The purpose of this paper is to explain clearly the role of the information system security management within the entire Port of Rijeka security process. The complexity of the Port of Rijeka system, in which Rijeka Port Authority contemplates the development strategy of the Rijeka traffic route and the services provided by the Port within the framework of the already existing development paradi...

Organisations are under constant pressure from governments and industry to implement risk management methods. There are various information security risk management methods available that organisations can implement, and each has different approaches to identifying, measuring, controlling and monitoring the information security risks. Organisations find it difficult to select an information sec...

Information security is important in proportion to an organization’s dependence on information technology. Security of a computer based information system should protect the Confidentiality, Integrity and Availability (CIA) aspects of the system. With the increasing dependence of business processes on information technology, the number of attacks against CIA aspects have increased manifold. Sin...

State of information system security is described with the large number of features and indicators for different areas of information security. Depending on the area of a business in the company and the security objectives, for the effective security management it is necessary to select appropriate indicators and establish a process of their monitoring and measurement. Systematic application of...

Information systems are frequently exposed to various types of threats which can cause different types of damages that might lead to significant financial losses. Information security damages can range from small losses to entire information system destruction. The effects of various threats vary considerably: some affect the confidentiality or integrity of data while others affect the availabi...

A survey of college students from both IS and CS programs was undertaken to understand student recognition and awareness of information security issues in course learning. Comparisons will be made for students before and after taking the security class as well as between the two different majors. The results of the study will demonstrate possible differences in perceptions between students of t...

The Georgetown University Medical Center Department of Radiology used a tailored version of OCTAVE, a self-directed information security risk assessment method, to design a teleradiology system that complied with the regulation implementing the security provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The system addressed threats to and vulnerabilities in t...

One of the major problems in industrial security management is that most organizations or enterprises do not provide adequate guidelines or well-defined policy with respect to trust management, and trust is still an afterthought in most security engineering projects. With the increase of handheld devices, managers of business organizations tend to use handheld devices to access the information ...

This paper intends to contribute to a better understanding of the process through which security principles and security planning should support information systems in order to enhance its possibilities of application. It sustains that a set of security variables influences the relationship between business continuity (BC) and a secure utilisation of Applied Information Systems (ApIS) in severa...