Information security management success factors

Mazlina Zammani, Rozilawati Razali

Research output: Contribution to journalArticle

4 Citations (Scopus)

Abstract

Information security (IS) in the context of organisation is a concept that concerns safeguarding the organisation’s critical information by performing security activities. To ensure that IS is effectively enforced and executed, many organisations have introduced information security management (ISM) initiatives. IS standards, policies, guidelines and procedures are formulated to guide organisations in implementing ISM. Despite the extensive efforts, organisations are still exposed to security threats and risks due to ineffective ISM practices. One possible cause of this phenomenon is that organisations are unaware of the factors that influence the success of ISM. This study aims to address this concern by analysing the existing literature in order to identify the success factors of ISM. Six related studies together with the ISM international standard, guideline and model were reviewed and compared. To conceptualise the factors, the literature was analysed qualitatively using content analysis. Based on the analysis, the study has compiled a number of factors and elements that contribute to the success of ISM. The factors are grouped into three main aspects, namely People, Process and Organisation. The People need to possess certain attributes in order to perform the key ISM Process, which should be supported by the Organisation through the establishment of specific guidance. By understanding the ISM success factors, the ISM implementation in organisations is believed to be gradually improved and become effective.

Original languageEnglish
Pages (from-to)1924-1929
Number of pages6
JournalAdvanced Science Letters
Volume22
Issue number8
DOIs
Publication statusPublished - 1 Aug 2016

Fingerprint

Information Management
Information Security
Security of data
Organizations
management
Guidelines
security threat
Content Analysis
Process Management
process management
Guidance

Keywords

  • Information security
  • Information security management
  • Success factors

ASJC Scopus subject areas

  • Engineering(all)
  • Environmental Science(all)
  • Computer Science(all)
  • Energy(all)
  • Mathematics(all)
  • Health(social science)
  • Education

Cite this

Information security management success factors. / Zammani, Mazlina; Razali, Rozilawati.

In: Advanced Science Letters, Vol. 22, No. 8, 01.08.2016, p. 1924-1929.

Research output: Contribution to journalArticle

Zammani, Mazlina ; Razali, Rozilawati. / Information security management success factors. In: Advanced Science Letters. 2016 ; Vol. 22, No. 8. pp. 1924-1929.
@article{5762453dbf574d64bb9fde372e7b5398,
title = "Information security management success factors",
abstract = "Information security (IS) in the context of organisation is a concept that concerns safeguarding the organisation’s critical information by performing security activities. To ensure that IS is effectively enforced and executed, many organisations have introduced information security management (ISM) initiatives. IS standards, policies, guidelines and procedures are formulated to guide organisations in implementing ISM. Despite the extensive efforts, organisations are still exposed to security threats and risks due to ineffective ISM practices. One possible cause of this phenomenon is that organisations are unaware of the factors that influence the success of ISM. This study aims to address this concern by analysing the existing literature in order to identify the success factors of ISM. Six related studies together with the ISM international standard, guideline and model were reviewed and compared. To conceptualise the factors, the literature was analysed qualitatively using content analysis. Based on the analysis, the study has compiled a number of factors and elements that contribute to the success of ISM. The factors are grouped into three main aspects, namely People, Process and Organisation. The People need to possess certain attributes in order to perform the key ISM Process, which should be supported by the Organisation through the establishment of specific guidance. By understanding the ISM success factors, the ISM implementation in organisations is believed to be gradually improved and become effective.",
keywords = "Information security, Information security management, Success factors",
author = "Mazlina Zammani and Rozilawati Razali",
year = "2016",
month = "8",
day = "1",
doi = "10.1166/asl.2016.7746",
language = "English",
volume = "22",
pages = "1924--1929",
journal = "Advanced Science Letters",
issn = "1936-6612",
publisher = "American Scientific Publishers",
number = "8",

}

TY - JOUR

T1 - Information security management success factors

AU - Zammani, Mazlina

AU - Razali, Rozilawati

PY - 2016/8/1

Y1 - 2016/8/1

N2 - Information security (IS) in the context of organisation is a concept that concerns safeguarding the organisation’s critical information by performing security activities. To ensure that IS is effectively enforced and executed, many organisations have introduced information security management (ISM) initiatives. IS standards, policies, guidelines and procedures are formulated to guide organisations in implementing ISM. Despite the extensive efforts, organisations are still exposed to security threats and risks due to ineffective ISM practices. One possible cause of this phenomenon is that organisations are unaware of the factors that influence the success of ISM. This study aims to address this concern by analysing the existing literature in order to identify the success factors of ISM. Six related studies together with the ISM international standard, guideline and model were reviewed and compared. To conceptualise the factors, the literature was analysed qualitatively using content analysis. Based on the analysis, the study has compiled a number of factors and elements that contribute to the success of ISM. The factors are grouped into three main aspects, namely People, Process and Organisation. The People need to possess certain attributes in order to perform the key ISM Process, which should be supported by the Organisation through the establishment of specific guidance. By understanding the ISM success factors, the ISM implementation in organisations is believed to be gradually improved and become effective.

AB - Information security (IS) in the context of organisation is a concept that concerns safeguarding the organisation’s critical information by performing security activities. To ensure that IS is effectively enforced and executed, many organisations have introduced information security management (ISM) initiatives. IS standards, policies, guidelines and procedures are formulated to guide organisations in implementing ISM. Despite the extensive efforts, organisations are still exposed to security threats and risks due to ineffective ISM practices. One possible cause of this phenomenon is that organisations are unaware of the factors that influence the success of ISM. This study aims to address this concern by analysing the existing literature in order to identify the success factors of ISM. Six related studies together with the ISM international standard, guideline and model were reviewed and compared. To conceptualise the factors, the literature was analysed qualitatively using content analysis. Based on the analysis, the study has compiled a number of factors and elements that contribute to the success of ISM. The factors are grouped into three main aspects, namely People, Process and Organisation. The People need to possess certain attributes in order to perform the key ISM Process, which should be supported by the Organisation through the establishment of specific guidance. By understanding the ISM success factors, the ISM implementation in organisations is believed to be gradually improved and become effective.

KW - Information security

KW - Information security management

KW - Success factors

UR - http://www.scopus.com/inward/record.url?scp=84985015746&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84985015746&partnerID=8YFLogxK

U2 - 10.1166/asl.2016.7746

DO - 10.1166/asl.2016.7746

M3 - Article

VL - 22

SP - 1924

EP - 1929

JO - Advanced Science Letters

JF - Advanced Science Letters

SN - 1936-6612

IS - 8

ER -