The current research aims to study the extent to which the Independent High Electoral Commission applies to information security risk management by the international standard (ISO / IEC27005) in terms of policies, administrative and technical procedures, and techniques used in managing information security risks, based on the opinions of experts in the sector who occupy positions (General Manager The directorate, department heads and their agents, project managers, heads of divisions, and those authorized to access systems and software). The importance of the research comes by giving a clear picture of the field of information security risk management in the organization in question because of its significant role in identifying risks and setting appropriate controls to manage or get rid of them, flexibility in setting controls at work and gaining the confidence of stakeholders and customers that Their data is protected. Compliance with controls gives the organization the confidence of customers that it is the best supplier and raises the level of ability to meet the requirements of tenders and then get new job opportunities, which encouraged addressing this topic by focusing on the basic standards of this specification and trying to study these standards and identify the most critical problems that This prevents its application in the commission understudy in particular. The Independent High Electoral Commission/National Office in Baghdad was chosen as a site to conduct the research, and the approach of the case study and applied research was followed and through field coexistence, observations, interviews, access to documents and information extracted from records and documents in order to determine the extent of the gap Between the Information Security Department of the commission in question and the system that the specification came with, analyzing the causes of the gaps and developing solutions, and considering The research was extended to the checklists prepared by the International Standardization Organization, and for the purpose of data analysis, the heptagonal scale was used in the checklists to measure the extent to which the implementation and actual documentation conform to the requirements of the specification, while determining the weights for the answers to the questions contained in the checklists by allocating a specific weight to each paragraph of the scale. The research used two statistical methods, the percentage and the weighted mean to express the extent of application and documentation of the specification paragraphs above and relied on the statement of the main reasons for surgery in the emergence of those gaps. The results that were reached showed several reasons that prevented the application of information security risk management, in the light of which treatments were developed that would reduce the gaps that appeared, the most important of which are: that the Commission did not adopt a clear and documented strategy to address risks, and that information security risk management Ineffective and completely secured from external and internal threats. There was also interest in documenting fixed Hardware and portable Hardware represented by computers used at the headquarters of the directorate, servers and small computers used as workstations in divisions and departments and their connection to senior management, as well as laptops and personal digital assistants, which showed a gap attributed to the total undocumented application of Hardware (automatic data processing), processing accessories, and electronic media), while the application was partially and undocumented for other electronic media, including disk drives, printers, paper, and documents.
The research study of the possibility of the application of the quality management system under the international standard ISO ISO9001: 2008 in the station project Rustumiya wastewater treatment of the Department of SEWER BAGHDAD - Baghdad MOREALITY as the first step in the right direction towards the implementation of total quality management (TQM), and the research Find the gap between the international standard and the quality system used in the organization surveyed through the use of checklists to analyze the gap, the checklist have included (191) items distributed on five basic requirements, according to the appearance in the international standard, namely, (quality management system, management responsibility, resource man
... Show More
The research aims to study the reliability of government institutions, including the audit directors, which are one of the most important oversight formations in the Ministry of Construction, Housing and Public Municipalities, on which the responsibility for comprehensive auditing of all the Ministry's (municipalities) formations falls on the Managing the Audit Program according to the specification (ISO 19011: 2018) to improve the audit performance which requires compliance with the application of the audit management system in accordance with the standard Specification (ISO 19011: 2018), depending on the methodology of the case study, and using of checklists, which were chosen ac
... Show MoreThe aim of this research is to measure and analyze the gap between the actual reality and the requirements of the environmental management system in the middle refineries company/refinery cycle according to ISO14001: 2015, as well as to measure the availability of a clean production strategy and test the relationship and impact between the availability of the requirements of the standard and a clean production strategy for the actual reality in the company.
The research problem was determined by the extent to which the requirements of the environmental management system are applied according to ISO14001: 2015 in the middle refineries company? To what extent are the required clean production strategies ava
... Show MoreBotnet detection develops a challenging problem in numerous fields such as order, cybersecurity, law, finance, healthcare, and so on. The botnet signifies the group of co-operated Internet connected devices controlled by cyber criminals for starting co-ordinated attacks and applying various malicious events. While the botnet is seamlessly dynamic with developing counter-measures projected by both network and host-based detection techniques, the convention techniques are failed to attain sufficient safety to botnet threats. Thus, machine learning approaches are established for detecting and classifying botnets for cybersecurity. This article presents a novel dragonfly algorithm with multi-class support vector machines enabled botnet
... Show MoreThis research aims to clarify the importance of an accounting information system that uses artificial intelligence to detect earnings manipulation. The research problem stems from the widespread manipulation of earning in economic entities, especially at the local level, exacerbated by the high financial and administrative corruption rates in Iraq due to fraudulent accounting practices. Since earning manipulation involves intentional fraudulent acts, it is necessary to implement preventive measures to detect and deter such practices. The main hypothesis of the research assumes that an accounting information system based on artificial intelligence cannot effectively detect the manipulation of profits in Iraqi economic entities. The researche
... Show More
XML is being incorporated into the foundation of E-business data applications. This paper addresses the problem of the freeform information that stored in any organization and how XML with using this new approach will make the operation of the search very efficient and time consuming. This paper introduces new solution and methodology that has been developed to capture and manage such unstructured freeform information (multi information) depending on the use of XML schema technologies, neural network idea and object oriented relational database, in order to provide a practical solution for efficiently management multi freeform information system.
Objective the research is to identify Over the Commitment of a Rushed Bank in Baghdad has applied social responsibility in accordance with ISO 26000 by measuring and diagnosing the gap between the actual reality in the bank and the requirements of the standard.
Fes Airport, run by the National Airports‟ Office in Morocco, aspires to be certified by the ISO 9001: 2015 standard; Hereby, it has to meet the needs of the stakeholders‟ expectations in an attempt to promote the airport activities, it has also to take into consideration the risks that are related to the various actors who have well-set priorities and expectations.
The aim of this article is to shed light on the interconnection between the various participants in an attempts to meet the new requirement 4.2 of the ISO 9001: 2015 and to examine the dangers of the integrated management system (QSE) taking into consideration the proposal of an action plan to monitor interfaces, and to promote the application of an integrated
This paper aims to build a modern vision for Islamic banks to ensure sustainability and growth, as well it aims to highlight the positive Iraqi steps in the Islamic banking sector. In order to build this vision, several scientific research approaches were adopted (quantitative, descriptive analytical, descriptive). As for the research community, it was for all the Iraqi private commercial banks, including Islamic banks. The research samples varied according to a diversity of the methods and the data availability. A questionnaire was constructed and conducted, measuring internal and external honesty. 50 questionnaires were distributed to Iraqi academic specialized in Islamic banking. All distributed forms were subject to a thorough analys
... Show More