Modeling of information security management parameters in Indian organizations using ISM and MICMAC approach

Muktesh Chander (Department of Management Studies, Indian Institute of Technology Delhi, New Delhi, India)
Sudhir K. Jain (Department of Management Studies, Indian Institute of Technology Delhi, New Delhi, India)
Ravi Shankar (Department of Management Studies, Indian Institute of Technology Delhi, New Delhi, India)

Journal of Modelling in Management

ISSN: 1746-5664

Publication date: 28 June 2013

Abstract

Purpose

The purpose of this paper is to identify various information security management parameters and develop a conceptual framework for it.

Design/methodology/approach

Interpretive Structural Modeling (ISM) and MICMAC approaches have been used to identify and classify the key factors of information security management based on the direct and indirect relationship of these factors.

Findings

The research presents a classification of key parameters according to their driving power and dependence which enable information security management in an organization. It also suggests parameters on which management should pay more attention.

Research limitations/implications

In the paper, 12 parameters were identified based on a literature study and expert help. It is possible to identify some more parameters for ISM development. The help of experts was also used to identify the contextual relationship among the variables for the ISM model. This may introduce some element of bias. Although a relationship model using ISM has been developed, it has not been validated statistically. For future research, it is suggested that the structural equation modelling (SEM) technique may be used to corroborate the findings of ISM. Some of the variables have been grouped together, being a part of a subset due to their similar nature; but it is possible to treat them as independent variables. Future researches may establish their interrelationships also.

Practical implications

The paper has tremendous practical utility for organizations which want to reap the benefits of information and communication technology for their growth but are struggling to find a right approach to deal with information security breach incidents.

Originality/value

Development of a framework for information security management in an organization is the major contribution of this paper. This would be of help to strategic managers in managing information security with emphasis on key parameters identified here.

Keywords

Citation

Chander, M., Jain, S. and Shankar, R. (2013), "Modeling of information security management parameters in Indian organizations using ISM and MICMAC approach", Journal of Modelling in Management, Vol. 8 No. 2, pp. 171-189. https://doi.org/10.1108/JM2-10-2011-0054

Download as .RIS

Publisher

:

Emerald Group Publishing Limited

Copyright © 2013, Emerald Group Publishing Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.
To rent this content from Deepdyve, please click the button.