@MASTERSTHESIS{pgi2020008, author = "S. Magyar", supervisor = "s. Terzis", title = "Security Data Governance System", school = "Department of Computer and Information Sciences, University of Strathclyde", year = "2019", abstract = "As the Internet has become increasingly ubiquitous, the number of IT incidents and data breaches increased, consequently leading to substantial revenue losses for companies. These losses could be limited by Information Security Management Systems (ISMS). This research examines best practices from the literature and software solutions regarding the asset, risk and policy management, and the way these best practices can be implemented. The aim of this study is to design an ISMS that is based on best practices from the literature and other ISMS software solution. The study also examines how the proposed system can be built, presents the core functionalities that the system needs to support, proposes the best methodology that can be used for the implementation, and explores the languages and tools that could be used to make the system secure and ensure its usability. It was discovered that asset, risk, and policy management are connected to each other and that current software solutions are either too complex to use or do not provide a good graphical interface. The system was developed using Agile. 3 tier architecture has been used where the back-end is a MySQL database. Due to the proposed architecture of the system, SQL injections are the highest threats, however, the system is secure against them. The system is simple, informative and has a dashboard page where diagrams, that show the Key Performance Indicators (KPIs) of an organisation, can be seen. ", }