Online from: 1997
Subject Area: Information and Knowledge Management
Options: To add Favourites and Table of Contents Alerts please take a Emerald profile
|Title:||Assessment of information security maturity: An exploration study of Malaysian public service organizations|
|Author(s):||Suhazimah Dzazali, (National Institute of Public Administration, Cyberjaya, Malaysia), Ali Hussein Zolait, (Department of Information Systems, College of Information Technology, University of Bahrain, Sakhir, Bahrain)|
|Citation:||Suhazimah Dzazali, Ali Hussein Zolait, (2012) "Assessment of information security maturity: An exploration study of Malaysian public service organizations", Journal of Systems and Information Technology, Vol. 14 Iss: 1, pp.23 - 57|
|Keywords:||Data management, Data security, Information security, Malaysia, Public service organizations, Risk management, Security assessment, Security awareness, Security management, Security maturity|
|Article type:||Research paper|
|DOI:||10.1108/13287261211221128 (Permanent URL)|
|Publisher:||Emerald Group Publishing Limited|
Purpose – The purpose of this paper is to examine the basis factors involved in the information security management systems of Malaysian public service (MPS) organizations. Therefore, it proposes an empirical analysis which was conducted to identify the antecedents of the information security maturity (ISM) of an organization; and to clarify the relationship between ISM and the social and technical factors identified.
Design/methodology/approach – This study uses quantitative approach, convenience sampling and the required data collected from 970 key players' managers in information security, in a total of 722 government agencies, through a self-administrated survey. Research adopted the Wallace
Findings – The paper provides empirical insights and reveals a number of underlying dimensions of social factors and one technical factor. The risk management was found to be the formal coping mechanism adopted in the MPS organizations and is the leading factor towards ISM. The social factors have the most influence on MPS organizations' ISM. Findings demonstrate that two independent variables, risk management and individual perception, discriminate between those organizations that have high and low ISM.
Research limitations/implications – The research results may lack generalization; therefore, researchers are encouraged to test the proposed propositions further in a different context.
Practical implications – The paper includes implications for the development of a powerful instrument in explaining the ISM. Moreover, it helps internal stakeholders of an organization to formulate a more appropriate policy or give a more effective focus on issues that are really relevant to MPS information security management.
Originality/value – This paper fulfils the identified need to explore determinants of information security maturity.
To purchase this item please login or register.
Complete and print this form to request this document from your librarian