Research Article Open Access

Integrated Information Security Policy Model for Saudi Arabia Organizations

Wad Ghaban1
  • 1 Department of Computer Science, Applied College, University of Tabuk, Saudi Arabia

Abstract

Information Security Policy (ISP) is an important domain used to preserve the confidentiality, integrity, and availability of sensitive data. However, it is an ambiguous and diverse domain due to the diversity of security policies and the multiplicity nature of organization systems. Numerous specific and generic ISP models have been offered for several purposes. The offered models have numerous redundant procedures, concepts, activities, processes, and tasks that make the ASP domain unorganized, unstructured, and ambiguous among domain experts and users. Thus, the structured and integrated model to simplify sharing, managing, and reusing ISP activities and tasks is still missing. This study applied the design science method to develop a unified model for the ISP domain called the Integrated Information Security Policy Model (IISPM). This aims to identify, recognize, extract, and match different ISP processes, concepts, activities, and tasks from different ISP models in a developed IISPM, thus, allowing domain experts and users to derive/instantiate solution models easily. The developed IISPM consists of six main abstract processes: Information security policy process, information security awareness process, access control process, observing the process, agreement process, and plan process. Each introduced process has specific security practices. The output showed that IISPM assists domain experts and users to create their solution models based on their requirements.

Journal of Computer Science
Volume 19 No. 4, 2023, 454-466

DOI: https://doi.org/10.3844/jcssp.2023.454.466

Submitted On: 31 October 2022 Published On: 14 March 2023

How to Cite: Ghaban, W. (2023). Integrated Information Security Policy Model for Saudi Arabia Organizations. Journal of Computer Science, 19(4), 454-466. https://doi.org/10.3844/jcssp.2023.454.466

  • 1,722 Views
  • 923 Downloads
  • 0 Citations

Download

Keywords

  • Information Security Policy
  • Metamodeling
  • Design Science Research