- Title
- An investigation of ISO/IEC 27001 adoption in South Africa
- Creator
- Coetzer, Christo
- ThesisAdvisor
- Bradshaw, Karen
- Subject
- ISO 27001 Standard
- Subject
- Information technology -- Security measures
- Subject
- Computer security
- Subject
- Data protection
- Date
- 2015
- Type
- Thesis
- Type
- Masters
- Type
- MSc
- Identifier
- vital:4720
- Identifier
- http://hdl.handle.net/10962/d1018669
- Description
- The research objective of this study is to investigate the low adoption of the ISO/IEC 27001 standard in South African organisations. This study does not differentiate between the ISO/IEC 27001:2005 and ISO/IEC 27001:2013 versions, as the focus is on adoption of the ISO/IEC 27001 standard. A survey-based research design was selected as the data collection method. The research instruments used in this study include a web-based questionnaire and in-person interviews with the participants. Based on the findings of this research, the organisations that participated in this study have an understanding of the ISO/IEC 27001 standard; however, fewer than a quarter of these have fully adopted the ISO/IEC 27001 standard. Furthermore, the main business objectives for organisations that have adopted the ISO/IEC 27001 standard were to ensure legal and regulatory compliance, and to fulfil client requirements. An Information Security Management System management guide based on the ISO/IEC 27001 Plan-Do-Check-Act model is developed to help organisations interested in the standard move towards ISO/IEC 27001 compliance.
- Format
- 146 p., pdf
- Publisher
- Rhodes University, Faculty of Science, Computer Science
- Language
- English
- Rights
- Coetzer, Christo
- Hits: 2988
- Visitors: 3075
- Downloads: 212
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCEPDF | 2 MB | Adobe Acrobat PDF | View Details Download |