Information Technology Reference
In-Depth Information
•
Requirement for establishment of Information Systems Disaster Recovery
Management Center,
•
Preservation of information related to national security in electronic
environments,
•
Regulations about legal infrastructure for development of information security
systems [6].
Some research on the information security approaches were also conducted in
Turkey by private companies. One research (Ernst & Young Company) found that 73%
of organizations make investments for information security and 50% of organizations
use information security standards, while 30% of organizations do not have a
connection between their risk management and information security units. Research
results also revealed that information security is perceived as a technological issue by
Turkish companies [7].
3
Research Design
In light of the increasing importance of information security approaches in
organizations, this study focused on identifying the information security approaches of a
defense industry organization in Turkey. Case study methodology was used to achieve
the research objectives. As quoted from Thomas [8], case study methodology is
“analyses of persons, events, decisions, periods, projects, policies, institutions, or other
systems that are studied holistically by one or more methods”. In addition to Thomas's
definition, Zainal [9] claims that a limited number of events, conditions and
relationships of real-life phenomenon can be explored and investigated via case study
methodology.
In this context, the research covered by this paper particularly demonstrates the
current information security approaches and explores information security requirements
in the defense industry organization according to the main objectives listed below:
•
to provide an insight about information security standards and approaches
that have been widely used in recent years by several organizations in
Turkey,
•
to provide a sample assessment for information security approaches,
•
to highlight the importance of information security implementation within
the organizations.
The study research questions that seek to determine the information security
approaches within the defense industry organization are:
•
What is the level of defense industry organization according to information
security assessment?
•
Which information security components should be developed in the defense
industry organization?
•
Which information security components are the strongest points of defense
industry organization?
Search WWH ::
Custom Search