An Empirical Study of Information Security Management Success Factors

Mazlina Zammani (1), Rozilawati Razali (2)
(1) Universiti Kebangsaan Malaysia
(2) Universiti Kebangsaan Malaysia
Fulltext View | Download
How to cite (IJASEIT) :
Zammani, Mazlina, and Rozilawati Razali. “An Empirical Study of Information Security Management Success Factors”. International Journal on Advanced Science, Engineering and Information Technology, vol. 6, no. 6, Dec. 2016, pp. 904-13, doi:10.18517/ijaseit.6.6.1371.
Information security management (ISM) is a continuous, structured and systematic security approach to manage and protect the organisation’s information from being compromised by irresponsible parties. To ensure the information remains secure, many organisations have implemented ISM by establishing and reviewing information security (IS) policy, processes, procedures and organisational structures. Regardless of the efforts, security threats, incidents, vulnerabilities and risks are still plaguing many organisations. Lack of awareness of ISM effectiveness due to low understanding of the success factors is one of the major factors that cause this phenomenon.  This study aimed to address this subject by firstly identifying the ISM key factors from existing literature and then by confirming the factors and discovering other related factors from practitioners’ perspective. This study used qualitative method where it adopted semi-structured interviews involving nine practitioners. The data were analysed using content analysis technique. Through the analysis, the study validated several ISM factors and their elements that contribute to the success of ISM. The findings provide practitioners with the high understanding of ISM key factors and could guide practitioners in implementing proper ISM.
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

    1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
    2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
    3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).