A Study of the Implementation, Maintenance and Continual Improvement of an Information Security Management System

Sammanfattning: The high adoption rate of cloud computing technology is changing the strategic, operational and functional aspects of businesses. Though, as cloud computing is seeing massive global investment, the vast concentration of resources and information argues for new sources of vulnerabilities and challenges for the cloud computing adopters. Hence, the cloud computing technology is argued to see its full potential once solid information security is established. There has been a palpable development of theories, guidelines and standards of how to implement, maintain and continually improve a security information management system. The outcome has resulted in recognized standards. However, the comprehensiveness and the complexity to implement, maintain and continually improve a security information management system remain. Therefore, this study aimed to investigate how cloud computing oriented firms succeed with the realization of an information security management system. This was done by identifying frameworks and processes used by cloud computing oriented organizations.