الفهرس | Only 14 pages are availabe for public view |
Abstract In a time of growing threats and advancing circumstances, receiving and keeping up a strong cybersecurity pro{uFB01}le in the enterprises are crucial. Important data and resources must be protected. Cybersecurity has ended up a predominant issue nowadays facing most organizations, one that is recognized by companies to be an enterprise-wide issue requiring mindful consideration. Enterprises need tools to protect their information and communications through operations. Keeping the operations safe need an integrated tool to use a di{uFB00}erent levels of users. Our research focuses on building framework for integrated tool to make the process of cybersecurity easier and comprehensive for IS auditors team. Also, we highlight the need for these controls to be implemented as part of an overall framework and focuses on the subsequent assurance for cybersecurity defenses which is management review, risk management and internal audits controls. We study a set of security tools and techniques in order to determine the essential functions. We build a proposed integrated tool for IS auditors team based on recently cybersecurity tools and techniques supporting functions. The proposed cybersecurity framework consists of four domains control which are physical, management, data and technical. We evaluate security maturity level on the organizations based on information security management model. Proposed framework shows the controls which are necessary to protect organizations assets. Then, we apply our proposed maturity level for two cases study based on automated controls. It determines the security level depend on implementing four types of process requirements which are general, tactical, strategy and operational processes |