AbstractAs Data security is often associated with risk management policies, two major components are generated: the data security outputs; and the risk management process which details the various activities to protect data. In the last two decades, major corporations and government agencies have realized the great need for formal data security programs which have become an issue of paramount importance that cannot be left only to system designers but it should involve risk managers as well.
This research attempts to build a best practice and develop a data security guide for the United Arab Emirates (UAE) as a written plan that outlines all the phases of data protection. This plan will be of effective competitive advantages to those who manage data. The research also emphasizes the importance of risk management in securing data and highlights the role of managers in formulating integral plans to protect data before, during and after man-made or natural disasters.
The study also introduces a strategy that includes guidelines and procedures, and adds to the knowledge of IT and risk managers a better understanding of the business environment of the United Arab Emirates and the potential hazards expected in the country. Practically, data risk management is an efficient and crucial tool to businesses since it works as a deterrent against expected disasters.
The suggested data security management framework is a result of critical research, questionnaire analysis, investigations and examination of UAE data risk issues. The plan was developed to attain the objective of producing a guide for best data security practice for the United Arab Emirates. Lastly, it also presents a holistic view of data risk assessment and the actions supposed to be taken in case risks of different types threaten information system assets and where counter measures are immediately carried out to stop the risk/s or reduce the loss/es in a meaningful way.
|Date of Award
|Messaoud Saidani (Supervisor) & Leon Smalov (Supervisor)