Muhammad Asif Khan
Keywords: Information systems organizations, security controls, audit and controls, information systems security controls
Abstract: Information Systems (IS) organizations are experiencing a mounting pressure to contribute organizational success and to secure information asset, therefore, protection of information assets has become a paramount concern in IS organizations. IS organizations are more active in implementing technology and know the significance of IS audit and security controls in order to eliminate the risks for their IS asset and infrastructure. The aim of this paper is to analyze and demonstrate the effectiveness of network security controls in IS organizations that are implemented to ensure security and integrity of information assets. Also, the study evaluates the level of implementation of the detective and preventative security controls in organizations. In the present study we have collected data through survey from different organizations in Saudi Arabia. The purpose is to compare between the approaches for IS audit being used by these organizations and the industry standards of IS audit and controls set by organizations
[View Complete Article]