Identifying factors of “organizational information security management”

Abhishek Narain Singh (Department of Management Studies, Indian Institute of Technology Delhi, New Delhi, India)
M.P. Gupta (Department of Management Studies, Indian Institute of Technology Delhi, New Delhi, India)
Amitabh Ojha (Research Design and Standards Organization, Ministry of Railway, Government of India, Lucknow, India)

Journal of Enterprise Information Management

ISSN: 1741-0398

Publication date: 2 September 2014

Abstract

Purpose

Despite many technically sophisticated solutions, managing information security has remained a persistent challenge for organizations. Emerging IT/ICT media have posed new security challenges to business information and information assets. It is felt that technical solutions alone are not sufficient to address the information security challenge. It has been argued that organizations also need to consider the management aspects of information security. Consequently, literature, especially in the last decade, has witnessed various scholarly works in this direction. Therefore, a synthesis exercise is required to bring clarity on categorizing the issues of organizational information security management (ISM) to take the research forward. The purpose of this paper is to identify management factors that address organizational information security challenges.

Design/methodology/approach

Using a mix method approach, the paper adopts the qualitative (keyword analysis and experts’ opinion) and quantitative (questionnaire survey) research routes. Exploratory factor analysis is conducted to find out the key factors of organizational ISM.

Findings

The paper categorizes various organizational ISM functions into ten factors. Spanning across three levels (strategic, tactical and operational), these factors cover various management issues of organizational ISM.

Originality/value

The paper takes the ISM literature forward by statistically validating the key management factors of organizational ISM. The study outcome should help to draw the attention of organizations toward the managerial challenges of organizational ISM.

Keywords

Citation

Narain Singh, A., Gupta, M. and Ojha, A. (2014), "Identifying factors of “organizational information security management”", Journal of Enterprise Information Management, Vol. 27 No. 5, pp. 644-667. https://doi.org/10.1108/JEIM-07-2013-0052

Download as .RIS

Publisher

:

Emerald Group Publishing Limited

Copyright © 2014, Emerald Group Publishing Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.
To rent this content from Deepdyve, please click the button.