Sökresultat:
18580 Uppsatser om Information security governance - Sida 1 av 1239
Säkerhetsstyrning inom den Finansiella Sektorn : En Studie på Best Practice hos Tre Svenska Banker
For organizations that handle sensitive information, IT governance and information security are necessities in order to maintain credibility and to conduct its business efficiently. There are several known processes to increase security governance ? which is a fusion of information security and IT governance.This master thesis examines if organizations use recognized processes and if it in that case would lead to higher security. The study is qualitative and conducted in the financial sector and based on Best Practice frameworks of the security governance in Swedish banks. Data collection was done through interviews and surveys that were triangulated to get a gathered picture of the quality of the security governance activities.
EU:s grannskapspolitik i Medelhavsregionen : En säkerhetspolitisk analys av Medelhavssamarbetet
AbstractThe thesis investigates how the European Union promotes stability and security in the Mediterranean region. The aim is to analyse the European Union?s security ambitions with Euro-Mediterranean Partnership, the Barcelona Process. An analytical framework with five sectors (military, political, economic, environmental and societal), based on the Copenhagen School?s theories about security sectors and securitization, is used for the analysis.
Att tillämpa eller inte? : Svensk kod för bolagsstyrnings effekter på börsnoterade företags årsredovisningar
Problem: After several corporate scandals concerning accounting around the world a discussion concerning corporate governance arose. The public demanded greater insight and better corporate governance in public companies. The discussions led to the development of codes of corporate governance, codes such as the Sarbanes Oxley Act, the Combined Code and the Swedish Code of Corporate Governance. The Swedish code is a clarifying of the Swedish law, a codification of praxis and in some cases an increase in the demands on reporting of information from the companies.Purpose: The purpose of the thesis is to describe what effects the Swedish Code of Corporate Governance has had on the content of annual reports of listed companies and if different types of companies have been affected in different ways.Method: The investigation was conducted using both qualitative and quantitative methods. Through a preliminary study knowledge about the subject was gathered.
Nodal governance och svensk terrorismbekämpning
Den här uppsatsen handlar om nodal governance som teori och analysverktyg. Syftet med uppsatsen är att undersöka på vilket sätt nodal governance är användbart i analysen av en svensk förvaltningskontext där främst offentliga aktörer samverkar och vilka teoretiska och metodologiska problem det eventuellt för med sig. Teorin har applicerats på en fallstudie som analyserar ett fall; svensk terrorismbekämpning.Analysen har visat att visat på teoretiska utvecklingsmöjligheter för nodal governance. Dessutom har förslag till förfining av analysverktyget kunnat presenteras. Studien har visat på möjligheterna och begränsningarna för nodal governance att beskriva och förklara den komplexa förvaltningsmiljö terrorismbekämpning organiseras i..
Framtagning av en informationssäkerhetspolicy
This report was made for the company HordaGruppen AB to investigate how information security was handled. This report fits in the Master program of Internet Technology at School of Engineering in Jönköping University in Sweden.The question at issue was how you protect your information against different threats. One question was how to make an information security policy and which guidelines you can follow in the Swedish Standard, SS-ISO/IEC 17799:2000.Another question was to investigate the information sources at the company and which threats there are against it.The work begins with a presentation about information security for the chief of information and the chief of quality in the company. The next thing was to do a survey of as thing are at present with a tool from Länsteknikcentrum called ?Infosäkpulsen?.
Ansvarsutkrävande i global miljöstyrning -Möjlighet eller utopi?
Is accountability possible in global environmental governance? The purpose ofthis thesis is to examine if accountability is possible in global environmental governance. From an accountability perspective the thesis tries to illuminate global environmental governance. An investigation about the conceptaccountability is made and the thesis also illuminates the possible problems that exist in global environmental governance which exist of such a large amounts of different and often private actors. By investigating and examine the concept of accountability from different aspects and by using Global Compact as a example of global environmental governance the thesis try to answer if accountability actually exist in global environmental governance and in what way it is possible to demand accountability.
Myten om Governance En studie av den nyliberala normen och välfärdsstatens förfall
The thesis of this essay is that the concept of governance is a product of the neo-liberal dominant ideology and that the implementation of governance ideas will lead to a weaker nation-state. Using critical theory the essay constructs an ideal type of neo-liberalism and compares its core values with these of the governance concept as treated by the main literature in the area. The essay then focuses on the issue of the state, and discusses whether the changes leading to a demand for governance have actually weakened the state. Furthermore, the essay presents the practical use of the term governance in the EU and Sweden and problemizes the changes that the neo-liberal domination has led to in terms of power and democracy. Finally the essay discusses alternative views on the changing role of the state.
An Evaluation of the Corporate Governance System at Smartner Information Systems Ltd -
In order to survive constant economic, environmental and political challenges, it has appeared to become increasingly important for a firm to recognize the significance of corporate governance. In this thesis, the structure of the board at Smartner Ltd will be outlined and the relationship between the board members and the CEO will be clarified. In addition, the aim is to analyze the corporate governance system at Smartner Ltd to be able to outline and clarify the distinct relationship between the CEO and board of directors..
Säkra kommunikationskanaler i en distribuerad heterogen miljö
The systems environments of today are often distributed and heterogeneous. These kind of systems have several advantages but also disadvantages. One problem is how to keep them secure.The security problems in these environments are mainly due to the communication between the connected computers. It is relatively easy to tap these communication channels from information. There is also a need for the possibility to secure these channels from modification of sent information and to be able to verify the sender and receiver of information in a secure manner.
Säkerhetstänkande integrerat i systemdesign via formaliserade metoder
Systems development methods mirror different organizational perspectives, and not all methods are formalised, but what they have in common is the purpose of structuring and supporting systems development processes. Which method would be the most suitable may be determined by the systems development context at hand, because every systems development context is unique. Information is a valuable asset in today?s organizations, and it needs to be protected against both internal and external security threats. In our essay we aspired to find and present suggestions as to how systems developers can include security in the very design based on formalised systems development methods to create systems that are better prepared to meet the security challenges of today.
Vägen mot säkerhet - får alla gå med? En kritisk, feministisk analys av det traditionella säkerhetsbegreppet.
In this essay I analyze the concepts security and security policy from a critical, feministic point of view. The traditional way of thinking security is state-centred and narrow with its military oriented threatening pictures and solutions.I advocate that the two concepts need a more feministic and holistic approach to be able to cope with the threats of our time and include the security for women explicitly.To suggest how this can be done I introduce a model; security-sphere, which should be seen as a way to constructively connect my objections to the existing research with a new approach to security problems. The security-sphere is based on two analytical parts; the private security sub-sphere and the public security sub-sphere, in order to make new images of security problems visible.It is a fact that most of the threats against women specifically, take place in the private sphere where no traditional analytical tools reach in - these threats have not been seen as 'real' security problems. My aim is therefore to integrate these issues into the agenda of security policy..
Webbsäkerhet och vanliga brister : kunskapsläget bland utvecklare
This bachelor thesis looks at developers knowledge about web security both regarding their own view on their knowledge and their actual knowledge about vulnerabilities and how you mitigate against them. Web developers knowledge regarding web security are becoming more and more important as more applications and services moves to the web and more and more items become connected to the internet. We are doing this by conducting a survey among developers that are currently studying in the field or are working in the field to get a grip on how the knowledge is regarding the most common security concepts. What we saw was that the result varies between the different concepts and many lack much of the knowledge in web security that is getting increasingly more important to have..
Riskhanteringens utmaning : En studie som identifierar svenska organisationers riskhantering avseende informationssäkerhet samt dess prioritering.
Background: Risk Management plays an important part of the enterprises strategic business activity. Efficient Risk Management will secure the businesses survival, assets and creates market advantages. The interest of information security has consequently gained in Swedish corporations. Corporations have realized the importance of the information which is stored in the IT systems. IT is the tool for businesses future progress and growth and therefore a source of risks.
IT Governance med fokus på IT-investeringar
AbstractDate 2009-06-07Level Master thesis in Information Technology and Business Administration, 15 hp, EIK024Authors Anna Karlsson, akn05009@student.mdh.se Lena-Maria Lindström, llm05002@student.mdh.seTutor Peter EkmanTitle IT Governance with an IT investment focusKeywords IT Governance, IT investments, IT decisions Problem To control and manage IT and IT functions in the organization has been a big challenge for many businesses for a long time. In order to make the management of IT more efficient IT Governance is needed. If the organization is going to be successful IT Governance is necessary and this type of governance enables a more effective use of IT that supports the business and its operations. The problem questions for this thesis are: How is the company?s IT Governance built up? How are decisions regarding the company?s IT investments taken? How is the connection between the company?s IT investments and the company?s IT Governance?Purpose The purpose of this thesis is to describe and analyze how a company?s IT Governance is built up and how the company uses IT Governance to reach the desired results from the IT investments.Method The thesis is a qualitative study.
??Auktorisation och ackreditering inom Försvarsmakten : En studie i nyttan av en standardiserad process för att hantera informationssäkerhet
???Information Technology is an essential part of the society today, not least in large ???organisations dealing with sensitive information. An example of such an organisation is the Swedish Armed Forces which indeed is in the need of ways to ensure information security in their Information Technology systems. The means which is used is an authorisation and accreditation process.All Information Technology systems go through a life cycle which includes realisation, usage, development and liquidation. In the Swedish Armed Forces the lifecycle is an authorisation process.