دانلود رایگان مقاله انگلیسی ابعاد کیفیت اطلاعات در مدیریت ریسک امنیت اطلاعات (ISRM) - الزویر 2017

abstract

Information security is becoming an important entity to most organizations due to current trends in information transfer through a borderless and vulnerable world. This gives more concerns and aware organization to apply information security risk management (ISRM) to develop effective and economicallyviable control strategies. Even though there are numerous ISRM methods that are readily available, most of the ISRM methods prescribe a similar process that leads to establish a scope of the assessment, collecting information, producing intermediary information, and finally using the collected information to identify their security risks and provide a measured, analyzed security profile of critical information assets. Based on the “garbage in-garbage out” phenomenon, the success of ISRM planning tremendously depends on the quality of input information. However, with the amount, diversity and variety of information available, practitioners can easily deflects with grown information and becoming unmanageable. Therefore this paper contribute as a stepping stone to determine which IQ dimensions constitute the quality of the information throughout the process of gathering information during ISRM. Seems to accurately define the attributes of IQ dimensions, IQ needs to be assessed within the context of its generation. Thus, papers on IQ web were assessed and comparative analysis was conducted to identify the possible dimensions for ISRM. Then, online survey using likert structured questionnaire were distributed among a group of information security practitioners in Malaysia (N = 150). Partial least square (PLS) analysis revealed that dimension accuracy, amount of data, objective, completeness, reliability and verifiability are significantly influence the quality of information gathering for ISRM. These IQ dimensions can guide practitioners in the process of gathering quality and complete information in order to make a plan that leads to a clear direction, and ultimately help to make decisions that lead to success.

6. Discussion and conclusion

Information quality dimensions can ensure that an organization has a good level of information quality to support the information they gathered throughout the ISRM activities. This is because decisions are only can be considered as good as the information on which they have relied. Therefore, by knowing the acceptable information quality dimensions for ISRM can be a strong foundation for organizations to have confidence in gathering quality information during ISRM implementation.

This research can be a stepping stone to determine which information quality dimensions constitute the quality of the information throughout the process of gathering information during ISRM. The findings determined there are six dimensions can influence the quality of information gathering for ISRM. The dimensions are accuracy, the amount of data, completeness, objectives, reliability and verifiability. These dimensions can guide information security practitioners to define their own quality evaluations criteria for ensuring the information gathered for ISRM is considered quality and can lead information security practitioners to make evidence-based decisions.

Thus, the determined information quality can be used to ensure the process of conducting ISRM activity is quality by setting their own criteria measurement. It is undeniable that, only with information of high quality can lead organization to make correct decision on allocating resources and responsibility, applying appropriate controls to reduce the risks, maintaining appropriate protection of organizational assets, making well-informed risk management decisions and acting correctly in the combination of high consequence nature of disasters with the aim of successfully deliver their organization’s business objectives.