Information security management frameworks and strategies in higher education institutions: a systematic review

Merchán Lima, Jorge Luis; Astudillo Salinas, Darwin Fabián; Tello Oquendo, Luis; Sánchez, Franklin; López Fonseca, Gabriel; Quiroz, Dorys

Publication:
Information security management frameworks and strategies in higher education institutions: a systematic review

dc.contributor.author	Merchán Lima, Jorge Luis
dc.contributor.author	Astudillo Salinas, Darwin Fabián
dc.contributor.author	Tello Oquendo, Luis
dc.contributor.author	Sánchez, Franklin
dc.contributor.author	López Fonseca, Gabriel
dc.contributor.author	Quiroz, Dorys
dc.date.accessioned	2022-02-25T14:51:45Z
dc.date.available	2022-02-25T14:51:45Z
dc.date.issued	2021
dc.description.abstract	Effective information security management (ISM) practices to protect the information assets of organizations from security intrusions and attacks is imperative. In that sense, a systematic literature review of academic articles focused on ISM in higher education institutions (HEIs) is conducted. For this purpose, an empirical study was performed. Studies carried out from 2012 onward reporting results from HEIs data that perform the ISM through various means, such as a set of framework functions, implementation phases, infrastructure services, and securities to their assets, have been explored. The articles found were then analyzed following a methodological procedure consisting of a systematic mapping study with their research questions, inclusion and exclusion criteria, selection of digital libraries, and analysis of the respective search strings. A set of competencies, resources, directives, and strategies that contribute to designing and to developing an ISM framework (ISMF) for HEIs is identified based on standards such as ISO 27000, COBIT, ITIL, NIST, and EDUCAUSE. This study introduces a strategic reference that guides HEIs on the development of an ISMF and provides recommendations that should be considered for its implementation in an era of ever-evolving security threats.
dc.identifier.doi	10.1007/s12243-020-00783-2
dc.identifier.issn	0003-4347
dc.identifier.uri	https://www.scopus.com/record/display.uri?eid=2-s2.0-85088596935&origin=resultslist&sort=plf-f&src=s&st1=Information+security+management+frameworks+and+strategies+in+higher+education+institutions%3a+a+systematic+review&sid=2dbac346aa2cea97745405084839dca2&sot=b&sdt=b&sl=126&s=TITLE-ABS-KEY%28Information+security+management+frameworks+and+strategies+in+higher+education+institutions%3a+a+systematic+review%29&relpos=0&citeCnt=3&searchTerm=
dc.language.iso	es_ES
dc.source	Annales des Telecommunications/Annals of Telecommunications
dc.subject	Framework
dc.subject	higher education institution
dc.subject	information security
dc.subject	ISMF
dc.title	Information security management frameworks and strategies in higher education institutions: a systematic review
dc.type	ARTÍCULO
dc.ucuenca.afiliacion	Merchan, J., Universidad de Cuenca, Departamento de Ingeniería Eléctrica, Electrónica y Telecomunicaciones(DEET), Cuenca, Ecuador
dc.ucuenca.afiliacion	Astudillo, D., Universidad de Cuenca, Departamento de Ingeniería Eléctrica, Electrónica y Telecomunicaciones(DEET), Cuenca, Ecuador
dc.ucuenca.afiliacion	Tello, L., Universidad Nacional del Chimborazo Unach, Riobamba, Ecuador
dc.ucuenca.afiliacion	Sánchez, F., Escuela Politécnica Nacional (EPN), Quito, Ecuador
dc.ucuenca.afiliacion	Lopez, G., Escuela Politécnica Nacional (EPN), Quito, Ecuador
dc.ucuenca.afiliacion	Quiroz, D., Hospital de Especialidades Fuerzas Armadas, Quito, Ecuador; Quiroz, D., Universidad de las Fuerzas Armadas ESPE, Sangolqui, Ecuador
dc.ucuenca.areaconocimientofrascatiamplio	2. Ingeniería y Tecnología
dc.ucuenca.areaconocimientofrascatidetallado	2.2.4 Ingeniería de La Comunicación y de Sistemas
dc.ucuenca.areaconocimientofrascatiespecifico	2.2 Ingenierias Eléctrica, Electrónica e Información
dc.ucuenca.areaconocimientounescoamplio	06 - Información y Comunicación (TIC)
dc.ucuenca.areaconocimientounescodetallado	0613 - Software y Desarrollo y Análisis de Aplicativos
dc.ucuenca.areaconocimientounescoespecifico	061 - Información y Comunicación (TIC)
dc.ucuenca.correspondencia	Astudillo Salinas, Darwin Fabian, fabian.astudillos@ucuenca.edu.ec
dc.ucuenca.cuartil	Q2
dc.ucuenca.embargoend	2050-12-30
dc.ucuenca.embargointerno	2050-12-30
dc.ucuenca.factorimpacto	0.34
dc.ucuenca.idautor	0104863709
dc.ucuenca.idautor	0103907036
dc.ucuenca.idautor	0000-0002-5274-666X
dc.ucuenca.idautor	0000-0003-3963-2630
dc.ucuenca.idautor	Sgrp-5200-005
dc.ucuenca.idautor	Sgrp-5200-006
dc.ucuenca.indicebibliografico	SCOPUS
dc.ucuenca.numerocitaciones	0
dc.ucuenca.urifuente	https://link.springer.com/journal/12243/volumes-and-issues/76-3
dc.ucuenca.version	Versión publicada
dc.ucuenca.volumen	Volumen 76, número 3-4
dspace.entity.type	Publication
relation.isAuthorOfPublication	0ace217e-689c-4f2a-bbbf-0b5171b24110
relation.isAuthorOfPublication.latestForDiscovery	0ace217e-689c-4f2a-bbbf-0b5171b24110

Files

Original bundle

Now showing 1 - 1 of 1

Name:: documento.pdf
Size:: 53.86 KB
Format:: Adobe Portable Document Format
Description:: document

Download

Collections

Publicaciones

Publication: Information security management frameworks and strategies in higher education institutions: a systematic review

Files

Original bundle

Collections

Publication:
Information security management frameworks and strategies in higher education institutions: a systematic review