Enterprise risk management and information technology security in the financial sector
Information and Computer Security
ISSN: 2056-4961
Article publication date: 8 February 2022
Issue publication date: 27 May 2022
Abstract
Purpose
This study aims to empirically investigate the relationship between enterprise risk management (ERM) and information technology (IT) security within the financial sector.
Design/methodology/approach
Risk officers of financial institutions licensed by the Central Bank of Ghana constituted the sample frame. A structured questionnaire was used to elicit data from the respondents. The structural equation modeling method was employed to analyze the hypothesized model.
Findings
The results revealed that ERM has a strong positive substantial effect on IT security within financial institutions. However, organizational culture failed to moderate the relationship between ERM and IT security.
Practical implications
A well-managed risk helps to eliminate ineffective, archaic and redundant technology as the originator of rising perils and organizational concerns in today's corporate financial institutions since ERM established a substantially strong positive correlation among the variables.
Originality/value
ERM studies in the African context are rare. This paper adds to contemporary literature by providing a new perspective toward the understanding of the relationship between ERM and IT security, especially in the financial industry.
Keywords
Citation
Owusu Kwateng, K., Amanor, C. and Tetteh, F.K. (2022), "Enterprise risk management and information technology security in the financial sector", Information and Computer Security, Vol. 30 No. 3, pp. 422-451. https://doi.org/10.1108/ICS-11-2020-0185
Publisher
:Emerald Publishing Limited
Copyright © 2022, Emerald Publishing Limited