Expert Opinions on Information Security Governance Factors: An Exploratory Study
2011 (English)In: ECIS 2011 Proceedings / [ed] Virpi Kristiina Tuunainen, Matti Rossi, Joe Nandhakumar, 2011Conference paper (Refereed)
Information Security Governance (ISG) is an important discipline that addresses information security at a strategic level providing strategic direction, optimized use of information resources and proper security incident management. ISG and the impact of poor security incident management have attracted much attention in the literature but unfortunately there is little empirical evidence regarding the explicit link between ISG and its effectiveness in terms of reducing negative impacts on business objectives from security incidents. Consequently, little exploration of ISG factors and their impact on the above mentioned measure of effectiveness exists. Further, to direct endeavors the crucial question is if there exist any differences in how effective these factors are in attaining this target. Currently, there is a lack in research considering this question. The research presented in this article explores the ISG domain further by empirically examine 30 ISG factors and their ability of reducing negative impacts on business objectives from security incidents. Data has been collected by surveying ISG experts. Ten factors were identified to have significant different means in relation to other factors according to a one-way ANOVA analysis that was conducted. The results give an indication on what ISG factors that have an effect, providing both support for further academic research and also decision support for implementing ISG.
Place, publisher, year, edition, pages
Information security governance, information security governance factors, expert survey.
Electrical Engineering, Electronic Engineering, Information Engineering
IdentifiersURN: urn:nbn:se:kth:diva-101001ScopusID: 2-s2.0-84870629875OAI: oai:DiVA.org:kth-101001DiVA: diva2:546062
European Conference on Information Systems 2011, June 9-11, 2011 in Helsinki, Finland
QC 201209192012-08-222012-08-222014-08-26Bibliographically approved