Designing a model to protect documented information according to the integration of some international standards (ISO 27001: 2013) (ISO 10013: 2021)

Abstract

The research aims to apply a proposed model to diagnose the gap between the actual reality of the work of the Oil Exploration Company and the protection of information security according to some provisions of the international standard ("ISO 27001: 2013,") and the international standard ("ISO 10013:2021 "). The company has due to the limited measures taken to protect the security of the information documented in it, and in order to reach the scientific facts, the case study approach was adopted, and the checklist was used. As for the statistical analysis methods, the arithmetic mean and percentage of application and documentation were used, and the proposed model showed a gap in the reality of the actual application and documentation of the company under study, which was at a rate of (36%) as somewhat medium rate due to the existence of a bank of documented oil information, the first of its kind in the oil sector performance level.