Information security management in Australian universities : an exploratory analysis

Lane, Tim (2007) Information security management in Australian universities : an exploratory analysis. Masters by Research thesis, Queensland University of Technology.


Australian Universities increasingly rely on Information Technology (IT) systems for essential business operations, including administration, teaching, learning and research. Applying information security to university IT systems is strategically important to maintaining overall business continuity in universities. However, the process of effectively implementing information security management in the university sector is challenging for security practitioners. University environments consist of a cultural mix of academic freedoms, student needs and compliance mandates. Consequently, unique and divergent demands are placed on securing and accessing university IT systems. This research undertook a qualitative based exploratory analysis of information security management in Australian universities. The aims and objectives of the research (represented as the research questions) were to determine:

1) What is the current status of information security management practices in the Australian university sector?

2) What are the key issues and influencing factors surrounding the effectiveness of information security management practices?

3) How could improvements in information security management be achieved?

The findings from the research led to a comprehensive and insightful examination of the current status, issues and challenges facing information security practitioners in Australian universities. The research findings culminated in the development of a Security Practitioner's Management Model. An essential aim of the model is to assist security practitioners to successfully implement and progress information security in the Australian university environment. The research improves current understanding of information security issues and reinforces the pertinence of information security management as a strategically important business function for Australian universities.

Impact and interest:

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

2,697 since deposited on 03 Dec 2008
327 in the past twelve months

Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 16486
Item Type: QUT Thesis (Masters by Research)
Supervisor: May, Lauren, Meyers, Neville, & Mohannak, Kavoos
Keywords: information security, management, culture of compliance
Divisions: Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Schools > School of Software Engineering & Data Communications
Department: Faculty of Information Technology
Institution: Queensland University of Technology
Copyright Owner: Copyright Tim Lane
Deposited On: 03 Dec 2008 04:04
Last Modified: 28 Oct 2011 19:48

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page