English abstract
The study aimed to uncover the reality of information security management
practices in the Ministry of Education in the Sultanate of Oman in light of the
requirements of the international standard ISO27001: 2005. It also aimed to reveal the
most prominent challenges facing the Ministry's Information Security Department,
and to propose some developmental suggestions for the informational Security
Department in the Ministry of Education in the Sultanate of in light of the
requirements of International standard ISO27001: 2005.The descriptive approach was
adopted in the study, as the study included 368 male and female employees of the
Ministry's general office, and all its departments in all the governorates of the
Sultanate. A questionnaire was used as a tool for data collection, and the data were
analyzed using SPSS program, in which arithmetic averages, standard deviations,
frequencies and percentages were extracted. The study came out with a set of results,
the most prominent one is that the reality of information security management
practices in the Ministry of Education in the Sultanate of Oman in light of the
requirements of the international standard ISO27001: 2005 came to a high degree.
Moreover, there are no statistically significant differences at the level of α = 0.05 to
the degree of application of information security management practices attributable to
the two variables of gender and the academic qualification from the viewpoint of the
sample members. The most prominent challenges facing the information security
department compliant with the requirements of the international standard ISO27001:
2005 in the Ministry of Education in the Sultanate of Oman attributed the information
security axis to human resources in the first place by 51% in favor of the phrase that
stated "the limited qualified human efficiencies in the information security
managment". Information security axis for human resources was among the most
important proposals to develop administrative practices at a rate of 65%.
The highest frequency came in favor of the proposal, which stated that "intensifying training
courses for all workers in the ministry in the field of information security
management".
