NORMA eResearch @NCI Library

An Evidence Gathering Framework for auditing Policy Compliance

Phadnis, Nachiket (2022) An Evidence Gathering Framework for auditing Policy Compliance. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (665kB) | Preview
[thumbnail of Configuration manual]
Preview
PDF (Configuration manual)
Download (362kB) | Preview

Abstract

In the ever-changing world of cyber threats and attack, establishing a solid security posture for an enterprise and adhering to various standards must be the main priority. The aim of this research project was to close the gap between adherence to security rules and the actual execution of security measures to ensure that these policies are followed. This is accomplished using a suggested EGF, which may be used in conjunction with the compliance audit process to gather evidence of an organization's security settings and controls and record it for review and evaluation.

By conducting an audit and implementing the framework design, the suggested framework was verified against several SMEs and its security posture. This aided in identifying the gaps in the security controls and settings, as well as gathering the information needed to submit them to the appropriate authorities for revisions and implementation. The framework aided in the improvement of the organization's security posture, making it more attentive and prepared to deal with cyber threats and attacks. It also assisted enterprises in closing the gap by adopting a Compliance first strategy via Security Policy Compliance.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 29 Dec 2022 12:05
Last Modified: 29 Dec 2022 12:05
URI: https://norma.ncirl.ie/id/eprint/6040

Actions (login required)

View Item View Item