- Title
- A framework to guide cybersecurity governance efforts in non-profit organisations
- Creator
- le Roux, Wickus
- Subject
- Computer security
- Subject
- Information technology Nonprofit organizations -- security measures
- Date Issued
- 2019
- Date
- 2019
- Type
- Thesis
- Type
- Masters
- Type
- MPhil
- Identifier
- http://hdl.handle.net/10948/44918
- Identifier
- vital:38188
- Description
- The average non-profit organisation is faced with the same cybersecurity challenges as an international multi-corporation that generates income. However, it may lack the competencies or resources to fully utilise, implement, monitor, or evaluate cybersecurity governance to a satisfactory or acceptable level. A literature review revealed limited publicly accessible documents to guide NPOs in particular in the task of cybersecurity governance. Therefore, the problem addressed by this research is the lack of a framework to guide cybersecurity governance efforts in non-profit organisations. This real-world problem was approached using the design science paradigm. It was important to identify, firstly, factors unique to the general context of non-profit organisations, including the constraints and limitations faced by non-profit organisations. Secondly, the key cyber risks for non-profit organisations and how they can materialise through the use of emails, social media, and BYODs in the NPO context, were identified. As a third step, available cybersecurity governance guidelines were analysed to determine best practices. This investigation also revealed the people, process, and technology elements as the pillars of information security. This resulted in the development of a framework (the PotLer framework) to guide cybersecurity governance efforts in non-profit organisations based on the input of the three points mentioned above. The framework was constructed around four conceptual elements, namely information security governance; people, process, and technology; governance elements; and key risks. The PotLer framework expands the high-level generic constructs beyond the conceptual space and provides implementation guidance in the form of a questionnaire to be completed by NPOs. The questionnaire was developed as an interactive spreadsheet that requires “Yes” or “No” responses from participants and generates a recommendation based on these answers. To evaluate the PotLer framework, the aforementioned questionnaire was completed by four NPOs. An additional questionnaire obtained their input on the utility and comprehensiveness of the framework.
- Format
- 106 leaves
- Format
- Publisher
- Nelson Mandela University
- Publisher
- Faculty of Engineering, the Built Environment and Technology
- Language
- English
- Rights
- Nelson Mandela University
- Hits: 1815
- Visitors: 1908
- Downloads: 166
Collections
NMU School of Information and Communication Technology
| Thumbnail | File | Description | Size | Format | |||
|---|---|---|---|---|---|---|---|
| View Details Download | SOURCE1 | le Roux, W 218122896 Treatise Dec 2019.pdf | 1 MB | Adobe Acrobat PDF | View Details Download |