Factors contributing to the success of information security management implementation

Research output: Contribution to journalArticle

Abstract

Information Security Management (ISM) concerns shielding the integrity, confidentiality, availability, authenticity, reliability and accountability of the organisation's information from unauthorised access in order to ensure business continuity and customers' confidence. The importance of information security (IS) in today's situation should be given due attention. Recognising its importance, organisations nowadays have devoted wide efforts in protecting their information. They establish information security policy, processes, and procedures as well as reengineer their organisational structures to align with ISM principles. Regardless of the efforts, security incidents continue to occur in many organisations. This phenomenon shows that the current implementation of ISM is still ineffective due to unaware of the factors contributing to the success of ISM. Thus, the objective of this paper is to identify ISM success factors and their elements through a large-scale survey. The survey involves 243 practitioners from statutory bodies, public and private organisations in Malaysia. The results of the survey indicate that top management, IS coordinator team, ISM team, IS audit team, employees, third parties, IS policy, IS procedures, resource planning, competency development and awareness, risk management, business continuity management, IS audit and IT infrastructure are the factors that contribute to the success of ISM implementation. These factors shall guide practitioners in planning and refining ISM implementation in their organisations.

Original languageEnglish
Pages (from-to)384-391
Number of pages8
JournalInternational Journal of Advanced Computer Science and Applications
Volume10
Issue number11
DOIs
Publication statusPublished - 1 Jan 2019

Fingerprint

Security of data
Planning
Risk management
Shielding
Refining
Industry

Keywords

  • Information security
  • Information security management
  • Key factors
  • Success factors

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

@article{00c29728cf6247a5b50d81474d05c784,
title = "Factors contributing to the success of information security management implementation",
abstract = "Information Security Management (ISM) concerns shielding the integrity, confidentiality, availability, authenticity, reliability and accountability of the organisation's information from unauthorised access in order to ensure business continuity and customers' confidence. The importance of information security (IS) in today's situation should be given due attention. Recognising its importance, organisations nowadays have devoted wide efforts in protecting their information. They establish information security policy, processes, and procedures as well as reengineer their organisational structures to align with ISM principles. Regardless of the efforts, security incidents continue to occur in many organisations. This phenomenon shows that the current implementation of ISM is still ineffective due to unaware of the factors contributing to the success of ISM. Thus, the objective of this paper is to identify ISM success factors and their elements through a large-scale survey. The survey involves 243 practitioners from statutory bodies, public and private organisations in Malaysia. The results of the survey indicate that top management, IS coordinator team, ISM team, IS audit team, employees, third parties, IS policy, IS procedures, resource planning, competency development and awareness, risk management, business continuity management, IS audit and IT infrastructure are the factors that contribute to the success of ISM implementation. These factors shall guide practitioners in planning and refining ISM implementation in their organisations.",
keywords = "Information security, Information security management, Key factors, Success factors",
author = "Mazlina Zammani and Rozilawati Razali and Dalbir Singh",
year = "2019",
month = "1",
day = "1",
doi = "10.14569/IJACSA.2019.0101153",
language = "English",
volume = "10",
pages = "384--391",
journal = "International Journal of Advanced Computer Science and Applications",
issn = "2158-107X",
publisher = "Science and Information Organization",
number = "11",

}

TY - JOUR

T1 - Factors contributing to the success of information security management implementation

AU - Zammani, Mazlina

AU - Razali, Rozilawati

AU - Singh, Dalbir

PY - 2019/1/1

Y1 - 2019/1/1

N2 - Information Security Management (ISM) concerns shielding the integrity, confidentiality, availability, authenticity, reliability and accountability of the organisation's information from unauthorised access in order to ensure business continuity and customers' confidence. The importance of information security (IS) in today's situation should be given due attention. Recognising its importance, organisations nowadays have devoted wide efforts in protecting their information. They establish information security policy, processes, and procedures as well as reengineer their organisational structures to align with ISM principles. Regardless of the efforts, security incidents continue to occur in many organisations. This phenomenon shows that the current implementation of ISM is still ineffective due to unaware of the factors contributing to the success of ISM. Thus, the objective of this paper is to identify ISM success factors and their elements through a large-scale survey. The survey involves 243 practitioners from statutory bodies, public and private organisations in Malaysia. The results of the survey indicate that top management, IS coordinator team, ISM team, IS audit team, employees, third parties, IS policy, IS procedures, resource planning, competency development and awareness, risk management, business continuity management, IS audit and IT infrastructure are the factors that contribute to the success of ISM implementation. These factors shall guide practitioners in planning and refining ISM implementation in their organisations.

AB - Information Security Management (ISM) concerns shielding the integrity, confidentiality, availability, authenticity, reliability and accountability of the organisation's information from unauthorised access in order to ensure business continuity and customers' confidence. The importance of information security (IS) in today's situation should be given due attention. Recognising its importance, organisations nowadays have devoted wide efforts in protecting their information. They establish information security policy, processes, and procedures as well as reengineer their organisational structures to align with ISM principles. Regardless of the efforts, security incidents continue to occur in many organisations. This phenomenon shows that the current implementation of ISM is still ineffective due to unaware of the factors contributing to the success of ISM. Thus, the objective of this paper is to identify ISM success factors and their elements through a large-scale survey. The survey involves 243 practitioners from statutory bodies, public and private organisations in Malaysia. The results of the survey indicate that top management, IS coordinator team, ISM team, IS audit team, employees, third parties, IS policy, IS procedures, resource planning, competency development and awareness, risk management, business continuity management, IS audit and IT infrastructure are the factors that contribute to the success of ISM implementation. These factors shall guide practitioners in planning and refining ISM implementation in their organisations.

KW - Information security

KW - Information security management

KW - Key factors

KW - Success factors

UR - http://www.scopus.com/inward/record.url?scp=85077237591&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85077237591&partnerID=8YFLogxK

U2 - 10.14569/IJACSA.2019.0101153

DO - 10.14569/IJACSA.2019.0101153

M3 - Article

AN - SCOPUS:85077237591

VL - 10

SP - 384

EP - 391

JO - International Journal of Advanced Computer Science and Applications

JF - International Journal of Advanced Computer Science and Applications

SN - 2158-107X

IS - 11

ER -