- Title
- An investigation into the state-of-practice of information security within Zambian copper mines: a case study
- Creator
- Lukweza, Chishala
- ThesisAdvisor
- Upfold, Chris
- Subject
- Computer security -- Zambia -- Management Case studies
- Subject
- Computer networks -- Security measures -- Zambia Case studies
- Subject
- Copper mines and mining -- Computer networks -- Security measures -- Zambia Case studies
- Subject
- Information technology -- Zambia
- Date
- 2011
- Type
- Thesis
- Type
- Masters
- Type
- MSc
- Identifier
- vital:1146
- Identifier
- http://hdl.handle.net/10962/d1002776
- Identifier
- Computer security -- Zambia -- Management Case studies
- Identifier
- Computer networks -- Security measures -- Zambia Case studies
- Identifier
- Copper mines and mining -- Computer networks -- Security measures -- Zambia Case studies
- Identifier
- Information technology -- Zambia
- Description
- Zambian copper mines have embraced the use of information technologies for strategic operations and competitive advantage. This dependence on these technologies has not only been seen in the physical aspects of business operations but also in the use of information systems such as Enterprise Resource Planning Systems (ERPs) for strategic decision making and increased usage of Industrial Control Systems (ICS’) that are meant to enhance operational efficiency in production areas. A survey was conducted to explore leadership perceptions on information security practices in Zambian copper mines and an ISO/IEC 27002 Audit Tool was administered to middle management in a particular mine for an in-depth analysis of their information security practices. Results revealed that although information security controls may have been put in place in these organisations, there are still areas that require attention. Senior management and middle management have different perceptions as to the extent to which information security practices are conducted in these copper mines. This implies that management may not be fully involved in certain aspects of these organisations’ information security practices. The results concluded that management needs to be fully involved and provide support for information security programs. Furthermore, these information security programs should be standardised so as to effectively protect these organisations’ information assets. This should also include the involvement of personnel as key players in the information security process.
- Format
- 297 leaves, pdf
- Publisher
- Rhodes University, Faculty of Commerce, Information Systems
- Language
- English
- Rights
- Lukweza, Chishala
- Hits: 1681
- Visitors: 1829
- Downloads: 190
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details | SOURCEPDF | 1 MB | Adobe Acrobat PDF | View Details |