Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Expert Opinions on Information Security Governance Factors: An Exploratory Study
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
2011 (English)In: ECIS 2011 Proceedings / [ed] Virpi Kristiina Tuunainen, Matti Rossi, Joe Nandhakumar, 2011Conference paper, Published paper (Refereed)
Abstract [en]

Information Security Governance (ISG) is an important discipline that addresses information security at a strategic level providing strategic direction, optimized use of information resources and proper security incident management. ISG and the impact of poor security incident management have attracted much attention in the literature but unfortunately there is little empirical evidence regarding the explicit link between ISG and its effectiveness in terms of reducing negative impacts on business objectives from security incidents. Consequently, little exploration of ISG factors and their impact on the above mentioned measure of effectiveness exists. Further, to direct endeavors the crucial question is if there exist any differences in how effective these factors are in attaining this target. Currently, there is a lack in research considering this question. The research presented in this article explores the ISG domain further by empirically examine 30 ISG factors and their ability of reducing negative impacts on business objectives from security incidents. Data has been collected by surveying ISG experts. Ten factors were identified to have significant different means in relation to other factors according to a one-way ANOVA analysis that was conducted. The results give an indication on what ISG factors that have an effect, providing both support for further academic research and also decision support for implementing ISG.

Place, publisher, year, edition, pages
2011.
Keyword [en]
Information security governance, information security governance factors, expert survey.
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-101001Scopus ID: 2-s2.0-84870629875OAI: oai:DiVA.org:kth-101001DiVA: diva2:546062
Conference
European Conference on Information Systems 2011, June 9-11, 2011 in Helsinki, Finland
Note

QC 20120919

Available from: 2012-08-22 Created: 2012-08-22 Last updated: 2014-08-26Bibliographically approved

Open Access in DiVA

No full text

Other links

ScopusPublished version

Search in DiVA

By author/editor
Rocha Flores, Waldo
By organisation
Industrial Information and Control Systems
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 54 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf