TABLE OF CONTENTS CHAPTER TITLE PAGE

Transcription

1 viii TABLE OF CONTENTS CHAPTER TITLE PAGE TITLE PAGE DECLARATION DEDICATION ACKNOWLEDGEMENT ABSTRACT ABSTRAK TABLE OF CONTENTS LIST OF TABLES LIST OF FIGURES LIST OF APPENDICES I II III IV VI VII VIII XII XIII XIV 1. PROJECT OVERVIEW Introduction Disaster approach Audit Approach Background of Problem Statement of the Problem Project Objective Scope of the project Importance of the Project Chapter Summary 8

2 ix 2. LITERATURE REVIEW 2.1. Introduction Overview of an Information Asset Definition Of Information Asset Identification and Classification of Information Asset Critical Information asset Risk Analysis / Assessment Risk Analysis Models Threat & Vulnerabilities Identifying Critical Information Asset OCTAVE Allegro Method Managing Critical Information Asset E-Learning System The Introduction of E-Learning at UTM E-Learning Stakeholders Disaster Management Definition of Disaster Recovery IT Disaster Recovery Management IT plan for Disaster Management Information Audit Definition of Information Audit Auditing a Disaster Plan Audit of an Existing Emergency Business Plan Frequency of Audits Chapter Summary RESEARCH METHODOLOGY 3.1 Introduction Research Design Defining the Research Questions Determining the Research Approach Deductive versus Inductive Research Justification of Method 47

3 x 3.4 Project Methodology Explore, generation of ideas Identify data sources and sampling techniques Validity and Reliability Assessment Data Collection and Gathering The questionnaire Data Processing and Analysis Data interpretation (synthesis) Chapter Summary DATA COLLECTION 4.1 Introduction Organizational Analysis Introduction to Universiti Technologi Malaysia UTM Organizational Structure Data Collection Survey Sampling Questionnaire Design Questionnaire Summary Data Analysis Tools Chapter Summary DATA ANALYSIS AND FINDINGS 5.1 Introduction Questionnaire Analysis Questionnaire Findings Questionnaire First Findings Questionnaire Second Findings Questionnaire Third Findings Chapter Summary DISCUSSION ON THE FINDINGS 6.1 UTM E-Learning Critical Information Asset 84

4 xi Assigning Values for Information Assets UTM e-learning Information Assets Storage Form Potential Disaster (Threats) in UTM E-Learning System Preparation for Information Asset Disaster and Auditing Proposed Disaster Audit Model for UTM E-Learning Information Assets Management Principles Chapter Summary RECOMMENDATION AND CONCLUSION 7.1 Introduction Achievements Constraints and Challenges The Future Enhancements Chapter Summary 100 REFERENCE 101 Appendix A F

5 xii LIST OF TABLES TABLE NO. TITLE PAGE 4.1 Target Respondent II (Instructors) Ten Most Active 62 Lecturers and Challenges 4.2 Target Respondent III (Students from the Faculties) UTM e-learning Critical Information Assets UTM e-learning Potential Threats (disasters) Possible Vulnerabilities to the Identified Threats Summary of the Proposed Model Components 94

6 xiii LIST OF FIGURES FIGURE NO. TITLE PAGE 2.1 Literature Review Framework Flow of risk analysis The Relationship between Information Assets, Threats, 21 Vulnerabilities and Existing Defences 2.4 OCTAVE Allegro Roadmap (Richard et al 2007) Comparism between OCTAVE Allegro and Adopted 25 Steps 2.6 Information Management of an Organization (Gartner ) 3.1 Research Method Most Frequent used Information Asset Information Assets that have significant disrupt Common Name for Critical Information Asset Forms in Which Information Asset is Held Information Asset Storage in Physical Form Primary Responsibility for Critical Information Asset Threats that Represents Serious Danger to Information 76 Assets 5.8 Instractors Information Asset Storage Form Proposed Disaster Audit Model 93

7 xiv LIST OF APPENDICES APPENDIX TITLE PAGE A E-Learning Survey Questionnaire Set B E-Learning Survey Questionnaire Set C E-Learning Survey Questionnaire Set D Questionnaire Analysis Tables 118 E UTM Organizational Structure 126 F Gantt Chart 127