To read this content please select one of the options below:

A conceptual model and empirical assessment of HR security risk management

Peace Kumah (Ghana Education Service, Accra, Ghana)
Winfred Yaokumah (Department of Computer Science, University of Ghana, Accra, Ghana)
Eric Saviour Aryee Okai (Department of Information Technology, Pentecost University College, Accra, Ghana)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 11 June 2019

Issue publication date: 19 June 2019




This study aims to develop a conceptual model and assess the extent to which pre-, during- and post-employment HR security controls are applied in organizations to manage information security risks.


The conceptual model is developed based on the agency theory and the review of theoretical, empirical and practitioner literature. Following, empirical data are collected through a survey from 134 IT professionals, internal audit personnel and HR managers working within five major industry sectors in a developing country to test the organizational differences in pre-, during- and post-employment HR security measures.


Using analysis of variance, the findings reveal significant differences among the organizations. Financial institutions perform better in employee background checks, terms and conditions of employment, management responsibilities, security education, training and awareness and disciplinary process. Conversely, healthcare institutions outperform other organizations in post-employment security management. The government public institutions perform the worst among all the organizations.


An integration of a conceptual model with HR security controls is an area that is under-researched and under-reported in information security and human resource management literature. Accordingly, this research on HR security management contributes to reducing such a gap and adds to the existing HR security risk management literature. It, thereby, provides an opportunity for researchers to conduct comparative studies between developed and developing nations or to benchmark a specific organization’s HR security management.



Kumah, P., Yaokumah, W. and Okai, E.S.A. (2019), "A conceptual model and empirical assessment of HR security risk management", Information and Computer Security, Vol. 27 No. 3, pp. 411-433.



Emerald Publishing Limited

Copyright © 2019, Emerald Publishing Limited

Related articles