Evaluate information security governance frameworks in cloud computing environment using main and sub criteria

Muhaned Al-Hashimi, Wael Jabbar Al-Nidawi, Marini Othman, Mohanaad Shakir, Hidayah Sulaiman

Research output: Contribution to journalArticle

1 Citation (Scopus)


In spite of the benefits of cloud computing, it is associated with high risks that need an effective security program. Framework of information security governance ensures successful management of information security risk and oversight, and helps to protect an organization's information. However, no standard or common criteria have been specified to help organizations in evaluating and selecting the proper cloud computing information security governance framework. Hence, this paper aims to identified the main and sub criteria to help organizations for evaluating the target frameworks. To achieve this aim, a critical review has been conducted to identify the current frameworks. The related frameworks are analyzed to indicate and identify the main and sub criteria that can be used to evaluate the current frameworks and facilitate the frameworks selection process. All criteria will be subjected to an evaluation process via interviews with specialists to define the criteria significance and capability in evaluating and differentiating the existing frameworks. The interview data is analyzed using content analysis method. The analysis of interviews data has found that all the experts agreed that main and sub criteria are very important, 20% of them indicated that these criteria are essential but lack to other sub-criteria such as awareness, valuation of assets and documents control. Furthermore, 70% of the experts indicated that it is difficult to rank the criteria because they have the same importance. Following that, it is recommended that a considerable work is still needed to specify a proper selection method of a suitable cloud computing information security governance framework based on standard or common criteria.

Original languageEnglish
Pages (from-to)996-1006
Number of pages11
JournalJournal of Computational and Theoretical Nanoscience
Issue number3
Publication statusPublished - Mar 2019

All Science Journal Classification (ASJC) codes

  • Chemistry(all)
  • Materials Science(all)
  • Condensed Matter Physics
  • Computational Mathematics
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Evaluate information security governance frameworks in cloud computing environment using main and sub criteria'. Together they form a unique fingerprint.

  • Cite this