fullrecord |
[{"key": "dc.contributor.advisor", "value": "Sepp\u00e4nen, Ville", "language": null, "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.advisor", "value": "Takala, Arttu", "language": null, "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "R\u00f6nk\u00e4, Aleksanteri", "language": "", "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2024-01-08T07:23:59Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2024-01-08T07:23:59Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2023", "language": null, "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/92553", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Organizations aim to ensure the accessibility, integrity, and reliability of their information assets by implementing security controls within their operational environments. In information systems of safety-critical organizations, sensitive or\nclassified information is frequently processed, requiring compliance with security criteria and formal auditing. Official auditing is always conducted by an external inspection body, but performing an internal self-assessment can prepare\nthe organization, thus conserving resources during the actual audit. The organization's security level can also be improved by self-assessing information systems\nthat are not intended for external audits. Self-assessment should be systematic\nand continuous, requiring a framework to be in place. The objective of this research was to identify best practices in self-assessment for information security\nand develop a self-assessment model using design science research methodology\nfor the target organization. The theoretical foundation for the model was established through a literature review, followed by the development of the artifact,\nthe self-assessment model. The best practices of the model were then compared\nto data obtained from expert interviews to validate the model. The result of the\nresearch is a self-assessment model for information system security, providing\nthe self-assessment team in the target organization with theory-based best practices and improvement suggestions for their existing operational model. Additionally, the model is open to further development, which was one of the goals\nin the development of the artifact.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Organisaatiot pyrkiv\u00e4t varmistamaan informaatio-omaisuuseriens\u00e4 saavutettavuuden, eheyden sek\u00e4 luotettavuuden implementoimalla toimintaymp\u00e4rist\u00f6\u00f6ns\u00e4 tietoturvallisuutta parantavia kontrolleja. Turvallisuuskriittisten organisaatioiden tietoj\u00e4rjestelmiss\u00e4 k\u00e4sitell\u00e4\u00e4n usein turvallisuusluokiteltua, tai salassa\npidett\u00e4v\u00e4\u00e4 tietoa, mik\u00e4 vaatii kyseiselt\u00e4 tietoj\u00e4rjestelm\u00e4lt\u00e4 turvallisuuskriteerist\u00f6n vaatimustenmukaisuutta ja siihen kohdistettavaa auditointia, jossa vaatimustenmukaisuus arvioidaan. Virallisen auditoinnin suorittaa aina ulkoinen arviointilaitos, mutta sit\u00e4 voidaan alustaa toteuttamalla organisaation sis\u00e4inen itsearviointi, mik\u00e4 s\u00e4\u00e4st\u00e4\u00e4 organisaation resursseja varsinaisessa auditoinnissa.\nOrganisaation tietoturvan tasoa voidaan parantaa itsearvioimalla my\u00f6s tietoj\u00e4rjestelmi\u00e4, joita ei ole tarkoitus auditoida ulkoisesti. Itsearvioinnin tulisi olla systemaattista sek\u00e4 jatkuvaa, mink\u00e4 toteutumiseksi tarvitaan viitekehyst\u00e4. T\u00e4m\u00e4n\ntutkimuksen tavoitteena oli l\u00f6yt\u00e4\u00e4 parhaita k\u00e4yt\u00e4nteit\u00e4 tietoturvallisuuden itsearviointeihin liittyen sek\u00e4 kehitt\u00e4\u00e4 suunnittelutieteen tutkimusmenetelm\u00e4\u00e4\nhy\u00f6dynt\u00e4en kohdeorganisaation k\u00e4ytt\u00f6\u00f6n itsearviointimalli, joka toimisi viitekehyksen\u00e4 kohdeorganisaatiossa toteutettaville itsearvioinneille. Tutkielman teoriapohja luotiin mallia varten kirjallisuuskatsauksen avulla, mink\u00e4 j\u00e4lkeen kehitettiin artefakti, eli itsearviointimalli. Mallin parhaita k\u00e4yt\u00e4nteit\u00e4 verrattiin t\u00e4m\u00e4n\nj\u00e4lkeen asiantuntijoiden teemahaastatteluista saatuun aineistoon, mink\u00e4 avulla\nmallia pyrittiin validoimaan. Tutkimuksen tuloksena kehitettiin tietoj\u00e4rjestelmien tietoturvallisuuden itsearviointimalli, joka tarjoaa kohdeorganisaation itsearviointeja tekev\u00e4lle ryhm\u00e4lle teoriaan perustuvia parhaita k\u00e4yt\u00e4nteit\u00e4 sek\u00e4 kehitysehdotuksia k\u00e4yt\u00f6ss\u00e4 olevaan toimintamalliin. Lis\u00e4ksi malli on jatkokehitett\u00e4viss\u00e4, mik\u00e4 oli yksi artefaktin kehityksen tavoitteista.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by Paivi Vuorio (paelvuor@jyu.fi) on 2024-01-08T07:23:59Z\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2024-01-08T07:23:59Z (GMT). No. of bitstreams: 0\n Previous issue date: 2023", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "57", "language": "", "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.language.iso", "value": "fin", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.subject.other", "value": "katakri", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "kriteerist\u00f6", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.title", "value": "Tietoturvallisuuden itsearviointimallin kehitt\u00e4minen turvallisuuskriittisess\u00e4 organisaatiossa", "language": "", "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "master thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202401081056", "language": null, "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Master\u2019s thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Pro gradu -tutkielma", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Information Systems Science", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietoj\u00e4rjestelm\u00e4tiede", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_bdcc", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.copyright", "value": "\u00a9 The Author(s)", "language": null, "element": "rights", "qualifier": "copyright", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "restrictedAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "masterThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "601", "language": null, "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "kontrolli", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "itsearviointi", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoturva", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}, {"key": "dc.rights.accessrights", "value": "The author has not given permission to make the work publicly available electronically. Therefore the material can be read only at the archival workstation at Jyv\u00e4skyl\u00e4 University Library (https://kirjasto.jyu.fi/en/workspaces/facilities/facilities#autotoc-item-autotoc-2).", "language": "en", "element": "rights", "qualifier": "accessrights", "schema": "dc"}, {"key": "dc.rights.accessrights", "value": "Tekij\u00e4 ei ole antanut lupaa avoimeen julkaisuun, joten aineisto on luettavissa vain Jyv\u00e4skyl\u00e4n yliopiston kirjaston arkistoty\u00f6semalta. Ks. https://kirjasto.jyu.fi/fi/tyoskentelytilat/laitteet-ja-tilat#autotoc-item-autotoc-2.", "language": "fi", "element": "rights", "qualifier": "accessrights", "schema": "dc"}]
|