واقع الممارسات الإدارية لأمن المعلومات في وزارة التربية والتعليم بسلطنة عمان في ضوء متطلبات المعيار العالمي iso27001:2005
The study aimed to uncover the reality of information security management practices in the Ministry of Education in the Sultanate of Oman in light of the requirements of the international standard ISO27001: 2005. It also aimed to reveal the most prominent challenges facing the Ministry's Information Security Department, and to propose some developmental suggestions for the informational Security Department in the Ministry of Education in the Sultanate of in light of the requirements of International standard ISO27001: 2005.The descriptive approach was adopted in the study, as the study included 368 male and female employees of the Ministry’s general office, and all its departments in all the governorates of the Sultanate. A questionnaire was used as a tool for data collection, and the data were analyzed using SPSS program, in which arithmetic averages, standard deviations, frequencies and percentages were extracted. The study came out with a set of results, the most prominent one is that the reality of information security management practices in the Ministry of Education in the Sultanate of Oman in light of the requirements of the international standard ISO27001: 2005 came to a high degree. Moreover, there are no statistically significant differences at the level of α = 0.05 to the degree of application of information security management practices attributable to the two variables of gender and the academic qualification from the viewpoint of the sample members. The most prominent challenges facing the information security department compliant with the requirements of the international standard ISO27001: 2005 in the Ministry of Education in the Sultanate of Oman attributed the information security axis to human resources in the first place by 51% in favor of the phrase that stated “the limited qualified human efficiencies in the information security management”. The information security axis for human resources was among the most important proposals to develop administrative practices at a rate of 65%. The highest frequency came in favor of the proposal, which stated that “intensifying training courses for all workers in the ministry in the field of information security management”. (Author’s abstract)