To read this content please select one of the options below:

Organizational factors to the effectiveness of implementing information security management

Shuchih Ernest Chang (Institute of Electronic Commerce, National Chung Hsing University, Taichung, Taiwan, Republic of China)
Chienta Bruce Ho (Institute of Electronic Commerce, National Chung Hsing University, Taichung, Taiwan, Republic of China)

Industrial Management & Data Systems

ISSN: 0263-5577

Article publication date: 1 March 2006

7132

Abstract

Purpose

This paper aims to examine the influence of organization factors on the effectiveness of implementing BS7799, an information security management (ISM) standard.

Design/methodology/approach

Based on literature review, a research model was formulated by extracting the antecedents of ISM, and an empirical study was conducted to show how the organizational factors influence organizations in carrying out BS7799.

Findings

The study result revealed that there were significant impacts of organizational factors, including IT competence of business managers, environment uncertainty, industry type, and organization size, on the effectiveness of implementing ISM.

Research limitations/implications

The sample is limited to the organizational factors in Taiwan. It is suggested to replicate this study in other countries to reconfirm the result before adopting its general implications. Owing to the highly intrusive nature of ISM surveys, a cautious approach with rapport and trust is a key success factor in conducting empirical studies on ISM.

Practical implications

IT competence is conducive to ISM implementation through subjective norms, leadership, belief, and behavior of ISM activities. Environmental uncertainty positively influences the need for greater innovation, which increases the dependence on IT, and therefore makes the effectiveness of ISM more desirable. Companies in an industry sensitive to security threats should pay more attentions to ISM practice. Corporate executives should also realize the size difference for adopting appropriate ISM strategies.

Originality/value

A research model was proposed to study the impacts of organizational factors on ISM, after a broad survey on related researches. The validated model and its corresponding study results can be referenced by enterprise managers and decision makers to make favorable tactics for achieving their goals of ISM.

Keywords

Citation

Ernest Chang, S. and Ho, C.B. (2006), "Organizational factors to the effectiveness of implementing information security management", Industrial Management & Data Systems, Vol. 106 No. 3, pp. 345-361. https://doi.org/10.1108/02635570610653498

Publisher

:

Emerald Group Publishing Limited

Copyright © 2006, Emerald Group Publishing Limited

Related articles