“Memoona is a very bright prospect with a very sharp mind, her traits are quick to grasp new methodologies, act smart and respond well to challenges. She came far from being an elementary learner to a research scholar and that is quite an impressive achievement of it's own. I wish her all the best in her career and personal life.”
Memoona J. Anwar, Ph.D.
Morundah, New South Wales, Australia
2K followers
500 connections
About
Expertise in areas of information security, auditing, risk, and compliance particularly for PII and big data in digital ecosystems.
Specialising in decentralised digital identity design and architecture
PhD in Information Systems
Architecture development for regulatory compliant and adaptive decentralized digital identity architecture framework where privacy is embedded into the design of the solution.
7 years of experience in software development and Agile Methodologies.
Good knowledge of Australian Privacy Laws spanning over; Privacy Act 1988(Cth), APP. HIPPA. FOI, PSPF, ISM
Also GDPR, eIDAS and NIST Cybersecurity Framework.
ISO27001 Lead Implementer
Hands-on ISO 27701 PIMS.
Basic knowledge of TOGAF, SABSA, Archimate, ITIL
Experience
Education
Licenses & Certifications
Publications
-
A Conceptual Model to Assess the Maturity Of Information Security Audit Process
CEUR
One of the critical aspects of information security management is the security audit, both
internal and external audits. The fundamental challenge for organisations is the effective design
and implementation of the information security audits to better understand their information
security capability. In this paper, we present insights from an action design research (ADR)
project and propose a conceptual model to assess the maturity of security audit processes. The
results of…One of the critical aspects of information security management is the security audit, both
internal and external audits. The fundamental challenge for organisations is the effective design
and implementation of the information security audits to better understand their information
security capability. In this paper, we present insights from an action design research (ADR)
project and propose a conceptual model to assess the maturity of security audit processes. The
results of this research can be used to create an improvement plan, which will guide
organisations to reach their target process maturity level. The maturity model proposed in this
paper was evaluated by way of feedback workshops in the target organization. The model
forms the basis for future work for generalising the research into a formal reference architecture
(involving models and principles) for audit process maturity. -
PESTLE risk analysis model to assess pandemic preparedness of digital ecosystems
Security and Privacy Journal
COVID-19 pandemic has affected every country in many ways. Its substantial economic impacts are causing businesses to fade, pushing many nations into an economic downturn. This exposes organizations worldwide to unique risks which cannot be foreseen with conventional methods of risk analysis. This research is part of a broader action design research project conducted in collaboration with industry partner to answer an important research question: How to extend PESTLE risk analysis model to…
COVID-19 pandemic has affected every country in many ways. Its substantial economic impacts are causing businesses to fade, pushing many nations into an economic downturn. This exposes organizations worldwide to unique risks which cannot be foreseen with conventional methods of risk analysis. This research is part of a broader action design research project conducted in collaboration with industry partner to answer an important research question: How to extend PESTLE risk analysis model to assess pandemic preparedness? In this context, the health factor is added to extend the traditional PESTLE risk analysis model. Furthermore, the interdependence between PESTLE factors has also been investigated, which has not been discussed before. The contribution of this research is the novel PESTLE risk analysis model that will help individuals and businesses to improve their understanding of the health crisis, such as the COVID-19, adjust accordingly and eventually endure the ongoing crisis, which is driving most businesses into liquidation.
Other authorsSee publication -
Secure big data ecosystem architecture: challenges and solutions
EURASIP Journal on Wireless Communications and Networking
Big data ecosystems are complex data-intensive, digital–physical systems. Data-intensive ecosystems offer a number of benefits; however, they present challenges as well. One major challenge is related to the privacy and security. A number of privacy and security models, techniques and algorithms have been proposed over a period of time. The limitation is that these solutions are primarily focused on an individual or on an isolated organizational context. There is a need to study and provide…
Big data ecosystems are complex data-intensive, digital–physical systems. Data-intensive ecosystems offer a number of benefits; however, they present challenges as well. One major challenge is related to the privacy and security. A number of privacy and security models, techniques and algorithms have been proposed over a period of time. The limitation is that these solutions are primarily focused on an individual or on an isolated organizational context. There is a need to study and provide complete end-to-end solutions that ensure security and privacy throughout the data lifecycle across the ecosystem beyond the boundary of an individual system or organizational context. The results of current study provide a review of the existing privacy and security challenges and solutions using the systematic literature review (SLR) approach. Based on the SLR approach, 79 applicable articles were selected and analyzed. The information from these articles was extracted to compile a catalogue of security and privacy challenges in big data ecosystems and to highlight their interdependencies. The results were categorized from theoretical viewpoint using adaptive enterprise architecture and practical viewpoint using DAMA framework as guiding lens. The findings of this research will help to identify the research gaps and draw novel research directions in the context of privacy and security in big data-intensive ecosystems.
Other authorsSee publication -
Developing an Integrated ISO 27701 and GDPR based Information Privacy Compliance Requirements Model
ACIS
The protection of information assets requires interdisciplinary approach and cross-functional capabilities. In recent times, information security and privacy compliance continue to be a complicated task due to increasing regulatory restrictions, changing legislations and public awareness. The newly published information security and privacy standard ISO/IEC 27701:2019 provides support for organisations looking to put in place systems to support compliance with global data privacy requirements.…
The protection of information assets requires interdisciplinary approach and cross-functional capabilities. In recent times, information security and privacy compliance continue to be a complicated task due to increasing regulatory restrictions, changing legislations and public awareness. The newly published information security and privacy standard ISO/IEC 27701:2019 provides support for organisations looking to put in place systems to support compliance with global data privacy requirements. However, there is little known about how does this standard map to other regulatory requirements in different jurisdictions specifically the globally relevant General Data Protection Regulation (GDPR). Hence, this research aims to answer an important research question: whether and how the ISO/IEC 27701:2019 framework represents an opportunity for the GDPR compliance? This research provides a review and mapping of ISO/IEC 27701:2019 and GDPR by using an integrated requirement engineering model as a kernel theory. The results of this research will assist organisations contemplating to meet their compliance needs. It will also help academics and practitioners interested in integrating the ISO/IEC 27701:2019 and GDPR for developing relevant compliance frameworks and tools.
Other authorsSee publication
Projects
-
AI based Future generation digital identity management
-
Open Banking (CDR) Wallet
-
-
Blockchain based eIDV
-
Honors & Awards
-
Qualified as highly ranked woman in engineering
UTS
-
Scholarship In NUST
NUST
Earned a scholarship from E&ME College (NUST) for MS leading to PHD
-
Gold Medal
NUML
Gold Medalist , National University Of Modern Languages(NUML), Session 2006 (CGPA 3.8/4.0)
-
For Best Presentation Skills
NUML
-
Silver Medal
National University of Science and Technology
Stood Second in class For MS(SE)-09 (CGPA 3.9/4.0)
Recommendations received
5 people have recommended Memoona J.
Join now to viewOther similar profiles
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore More