期刊名称:International Journal of Advanced Computer Science and Applications(IJACSA)
印刷版ISSN:2158-107X
电子版ISSN:2156-5570
出版年度:2019
卷号:10
期号:11
页码:384-391
出版社:Science and Information Society (SAI)
摘要:Information Security Management (ISM) concerns
shielding the integrity, confidentiality, availability, authenticity,
reliability and accountability of the organisation’s information
from unauthorised access in order to ensure business continuity
and customers’ confidence. The importance of information
security (IS) in today’s situation should be given due attention.
Recognising its importance, organisations nowadays have
devoted wide efforts in protecting their information. They
establish information security policy, processes, and procedures
as well as reengineer their organisational structures to align with
ISM principles. Regardless of the efforts, security incidents
continue to occur in many organisations. This phenomenon
shows that the current implementation of ISM is still ineffective
due to unaware of the factors contributing to the success of ISM.
Thus, the objective of this paper is to identify ISM success factors
and their elements through a large-scale survey. The survey
involves 243 practitioners from statutory bodies, public and
private organisations in Malaysia. The results of the survey
indicate that top management, IS coordinator team, ISM team,
IS audit team, employees, third parties, IS policy, IS procedures,
resource planning, competency development and awareness, risk
management, business continuity management, IS audit and IT
infrastructure are the factors that contribute to the success of
ISM implementation. These factors shall guide practitioners in
planning and refining ISM implementation in their
organisations.
关键词:Information security; information security
management; success factors; key factors
