![]() | Only 14 pages are availabe for public view |
Abstract Security gaps in the company system could be a major source of threats to which the institutions security system may be subject, and affects the confidentiality, integrity and availability of its vital assets which otherwise must be secured. Moreover, lack of awareness about using these technologies, and the improper ways employees handle information and its technologies with or without intent may result less damages than those of the previous ones, especially when the employee has access to data of high sensitivity such as accounts and customers data.The Company Owners have a special plan to protect the assets or reduce the risks that may threaten them but without a systematic risk assessment.This research aims at finding out the information security practices at Delta for IT services to measure the extent of their compliance with the requirements of information security. It also, attempts to measure the gap between the actual level of information security practices it tries to accomplish in consistence with the necessities of ISO/IEC: 27001. Moreover, the study aims to discover the fields of control that represent vulnerable points in their security practices and set the necessary recommendations to enhance the compliance to the standards, reduce the gap and improve the information security practices |