Identifying factors of “organizational information security management”

Abhishek Narain Singh (Department of Management Studies, Indian Institute of Technology Delhi, New Delhi, India)
M.P. Gupta (Department of Management Studies, Indian Institute of Technology Delhi, New Delhi, India)
Amitabh Ojha (Research Design and Standards Organization, Ministry of Railway, Government of India, Lucknow, India)

Journal of Enterprise Information Management

ISSN: 1741-0398

Publication date: 2 September 2014



Despite many technically sophisticated solutions, managing information security has remained a persistent challenge for organizations. Emerging IT/ICT media have posed new security challenges to business information and information assets. It is felt that technical solutions alone are not sufficient to address the information security challenge. It has been argued that organizations also need to consider the management aspects of information security. Consequently, literature, especially in the last decade, has witnessed various scholarly works in this direction. Therefore, a synthesis exercise is required to bring clarity on categorizing the issues of organizational information security management (ISM) to take the research forward. The purpose of this paper is to identify management factors that address organizational information security challenges.


Using a mix method approach, the paper adopts the qualitative (keyword analysis and experts’ opinion) and quantitative (questionnaire survey) research routes. Exploratory factor analysis is conducted to find out the key factors of organizational ISM.


The paper categorizes various organizational ISM functions into ten factors. Spanning across three levels (strategic, tactical and operational), these factors cover various management issues of organizational ISM.


The paper takes the ISM literature forward by statistically validating the key management factors of organizational ISM. The study outcome should help to draw the attention of organizations toward the managerial challenges of organizational ISM.



Narain Singh, A., Gupta, M. and Ojha, A. (2014), "Identifying factors of “organizational information security management”", Journal of Enterprise Information Management, Vol. 27 No. 5, pp. 644-667.

Download as .RIS



Emerald Group Publishing Limited

Copyright © 2014, Emerald Group Publishing Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.
To rent this content from Deepdyve, please click the button.