期刊名称:Communications of the Association for Information Systems
印刷版ISSN:1529-3181
出版年度:2014
卷号:34
期号:1
页码:37
出版社:Association for Information Systems
摘要:We investigated the effectiveness of a security risk management (SRM) program at a large healthcare institution. Using a survey, we explored how nine critical success factors (CSFs): executive management support (EMS), organizational maturity (OM), open communication (OC), risk management stakeholders (RMS), team member empowerment (TME), holistic view for an organization (HVO), security maintenance (SM), corporate security strategy (CSS), and human resource development (HRD) impacted SRM effectiveness. Implementing a mixed research method, we found that employees had a positive perception of SRM toward all CSFs but one―team member empowerment (TME). Both medical professionals and staff had a negative perception of how TME was implemented at the institution.
关键词:security risk management; healthcare IT; IT security; perceived security
