期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2019
卷号:97
期号:3
页码:803-813
出版社:Journal of Theoretical and Applied
摘要:Large scale ICT outsourcing allows enterprises to reduce ICT costs and procure their competitive advantage as it enables them to focus on core competences. Nonetheless, despite a recent outbreak of ICT adoption among companies; there is serious outsourcing-related concern in regards to data security, such as personal information leakages during IT outsourcing projects. Extant information security studies provide different frameworks to solve these security matters in outsourcing environment by stressing the need for application of information security vulnerability and willingness to comply with security systems analyses. However, several concerns arise as proposed measures only consider internal environment without considering partner or sub-supplier�s internal culture. Furthermore, in most cases research is limited to discussing network control and systems supplements using the perspective of technical issues only. Subsequently there is no consideration for the nature of ICT outsourcing security environment which varies depending on size of an organization and complexity of outsourcing stages. Thus this conceptual study proposes new theoretical framework for information security management that concerns characteristics of ICT outsourcing, considers perspective of sociomateriality and aims at strengthening security capabilities in accordance with outsourcing types and organization�s characteristics.
