Previous MSc Theses

"Security Data Governance System." S. Magyar. s. Terzis. Department of Computer and Information Sciences, University of Strathclyde. 2019. Download PDF (BibTeX) IM

Abstract:
As the Internet has become increasingly ubiquitous, the number of IT incidents and data breaches
increased, consequently leading to substantial revenue losses for companies. These losses could be
limited by Information Security Management Systems (ISMS). This research examines best practices
from the literature and software solutions regarding the asset, risk and policy management, and the
way these best practices can be implemented.
The aim of this study is to design an ISMS that is based on best practices from the literature and other
ISMS software solution. The study also examines how the proposed system can be built, presents the
core functionalities that the system needs to support, proposes the best methodology that can be used
for the implementation, and explores the languages and tools that could be used to make the system
secure and ensure its usability.
It was discovered that asset, risk, and policy management are connected to each other and that current
software solutions are either too complex to use or do not provide a good graphical interface. The
system was developed using Agile. 3 tier architecture has been used where the back-end is a MySQL
database. Due to the proposed architecture of the system, SQL injections are the highest threats,
however, the system is secure against them. The system is simple, informative and has a dashboard
page where diagrams, that show the Key Performance Indicators (KPIs) of an organisation, can be seen.