Mahidol University Logo
Faculty of ICT, Mahidol University
 

Admissions

Printable Version

 

A PROTOTYPE SYSTEM OF ICT SECURITY MEASUREMENT USING BALANCED SCORECARD

 

TITLE A PROTOTYPE SYSTEM OF ICT SECURITY MEASUREMENT USING BALANCED SCORECARD
AUTHOR ORATHAI UNGAMRUNG
DEGREE MASTER OF SCIENCE PROGRAMME IN COMPUTER SCIENCE
FACULTY FACULTY OF SCIENCE
ADVISOR SUPACHAI TANGWONGSAN
CO-ADVISOR DAMRAS WONGSAWANG
SONGSRI TANGSRIPAIROJ
 
ABSTRACT
The objective of this research was to design a prototype of an information and communication technology (ICT) security system within an organization, applying the balanced scorecard to the evaluation. Indicators used for the evaluation were gathered from ISO/IEC 17799, which is the international standard for ICT. They are multimeasure indicators, with a number of factors having an impact on these standards. As a consequence, the analytic hierarchy process (AHP) is used to analyze the evaluation measures, so that the measures derived are reliable and realistic. In addition, the evaluation result will be displayed in the form of scorecard to enable the executives to view the current situation of the ICT security within their organization. For a trial of the prototype system, a medium-size bank in Thailand was applied as the prototype organization. Typically, banks have branches in provinces and districts throughout the country. In this connection, the bank’s branches and regional centers were evaluated for their ICT security, by defining the weight and score of indicators for each branch. The weight and score defined for an evaluation could be adjusted based on appropriateness so that the outcomes obtained were realistic. Subsequently, the system would make an evaluation of the ICT security of the bank’s branches and regional centers, including summarizing an assessment of the ICT security of provinces, regions and the organization itself. In this regard, an evaluation consequence was displayed in 2 patterns of scorecards, namely, tree and table. The data was revealed from the viewpoint of the bank’s branches, regional centers, provinces, regions and organization. The findings of the research reveal that the designed and developed evaluation prototype for ICT security within an organization can achieve the defined objectives.
KEYWORD BALANCED SCORECARD/ ICT SECURITY MEASUREMENT

 

Go to Top

 

ICT Building, Mahidol University, 999 Phuttamonthon 4 Road, Salaya, Nakhonpathom 73170 Tel. +66 02 441-0909 Fax. +66 02 849-6099
Mahidol University Computing Center, The Faculty of ICT, Mahidol University , Rama 6 Road, Rajathevi, Bangkok 10400 Tel. +66 02 354-4333 Fax. +66 02 354-7333