Date of Publication

12-2022

Document Type

Master's Thesis

Degree Name

Master in Information Security

Subject Categories

Information Security

College

College of Computer Studies

Department/Unit

Computer Technology

Thesis Advisor

Arlyn Verina Ong

Defense Panel Chair

Marnel Peradilla

Defense Panel Member

Gregory Cu
Arlyn Verina Ong

Abstract/Summary

Risk Assessment is an integral part of organizational practice to assess the levels of security in business operations, IT infrastructure and information systems. It helps to protect critical data, identify security flaws, and ensures that appropriate policies and procedures have been implemented and working effectively. This study aims to develop an Information Security Risk Assessment procedure based on HITRUST Security Framework that will help internal risk assessors to increase efficiency in performing risk assessment and guide the business personnel to understand the requirement of this framework. HITRUST is a widely adopted security framework that provides comprehensive risk management and compliance program that can help to identify, assess, and mitigate potential risk in the organization. Compliance to this framework is important to prove that organization is committed in upholding the highest level of data protection to its customers while noncompliance can lead to productivity losses, business disruption and imposition of hefty fines, and penalties.

Keywords: Information Security, Risk Assessment, Security Framework, HITRUST

Abstract Format

html

Language

English

Format

Electronic

Physical Description

58, 5 leaves

Keywords

Risk assessment; Data protection; Computer security; Business--Data processing--Security measures.

Upload Full Text

wf_yes

Embargo Period

12-15-2022

Download

Share

COinS