國立虎尾科技大學 |

Identifying Factors Contributing towards Information Security Maturity in an Organization.

紀錄類型:	書目-語言資料,手稿 : Monograph/item
正題名/作者:	Identifying Factors Contributing towards Information Security Maturity in an Organization./
作者:	Edwards, Madhuri M.
面頁冊數:	1 online resource (245 pages)
附註:	Source: Dissertation Abstracts International, Volume: 79-07(E), Section: B.
標題:	Information technology. -
電子資源:	click for full text (PQDT)
ISBN:	9780355665338

Identifying Factors Contributing towards Information Security Maturity in an Organization.
Edwards, Madhuri M.

Identifying Factors Contributing towards Information Security Maturity in an Organization. - 1 online resource (245 pages)

Source: Dissertation Abstracts International, Volume: 79-07(E), Section: B.

Thesis (Ph.D.)--Nova Southeastern University, 2018.

Includes bibliographical references

Information security capability maturity (ISCM) is a journey towards accurate alignment of business and security objectives, security systems, processes, and tasks integrated with business-enabled IT systems, security enabled organizational culture and decision making, and measurements and continuous improvements of controls and governance comprising security policies, processes, operating procedures, tasks, monitoring, and reporting. Information security capability maturity may be achieved in five levels: performing but ad-hoc, managed, defined, quantitatively governed, and optimized. These five levels need to be achieved in the capability areas of information integrity, information systems assurance, business enablement, security processes, security program management, competency of security team, security consciousness in employees, and security leadership. These areas of capabilities lead to achievement of technology trustworthiness of security controls, integrated security, and security guardianship throughout the enterprise, which are primary capability domains for achieving maturity of information security capability in an organization. There are many factors influencing the areas of capabilities and the capability domains for achieving information security capability maturity. However, there is little existing study done on identifying the factors that contribute to achievement of the highest level of information security capability maturity (optimized) in an organization.

Electronic reproduction.
Ann Arbor, Mich. :
ProQuest,
2018

Mode of access: World Wide Web

ISBN: 9780355665338Subjects--Topical Terms:

559429
Information technology.
Index Terms--Genre/Form:

554714
Electronic books.

Identifying Factors Contributing towards Information Security Maturity in an Organization.
LDR:05309ntm a2200373K 4500 001 915037
005 20180727091503.5
006 m o u
007 cr mn||||a|a||
008 190606s2018 xx obm 000 0 eng d
020 $a 9780355665338
035 $a (MiAaPQ)AAI10746212
035 $a (MiAaPQ)scisnova:10496
035 $a AAI10746212
040 $a MiAaPQ $b eng $c MiAaPQ
100 1 $a Edwards, Madhuri M. $3 1148697
245 1 0 $a Identifying Factors Contributing towards Information Security Maturity in an Organization.
264 0 $c 2018
300 $a 1 online resource (245 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertation Abstracts International, Volume: 79-07(E), Section: B.
500 $a Adviser: Gurvirender Tejay.
502 $a Thesis (Ph.D.)--Nova Southeastern University, 2018.
504 $a Includes bibliographical references
520 $a Information security capability maturity (ISCM) is a journey towards accurate alignment of business and security objectives, security systems, processes, and tasks integrated with business-enabled IT systems, security enabled organizational culture and decision making, and measurements and continuous improvements of controls and governance comprising security policies, processes, operating procedures, tasks, monitoring, and reporting. Information security capability maturity may be achieved in five levels: performing but ad-hoc, managed, defined, quantitatively governed, and optimized. These five levels need to be achieved in the capability areas of information integrity, information systems assurance, business enablement, security processes, security program management, competency of security team, security consciousness in employees, and security leadership. These areas of capabilities lead to achievement of technology trustworthiness of security controls, integrated security, and security guardianship throughout the enterprise, which are primary capability domains for achieving maturity of information security capability in an organization. There are many factors influencing the areas of capabilities and the capability domains for achieving information security capability maturity. However, there is little existing study done on identifying the factors that contribute to achievement of the highest level of information security capability maturity (optimized) in an organization.
520 $a This research was designed to contribute to this area of research gap by identifying the factors contributing to the areas of capabilities for achieving the highest level of information security capability maturity. The factors were grouped under the eight capability areas and the three capability domains in the form of an initial structural construct. This research was designed to collect data on all the factors using an online structured questionnaire and analyzing the reliability and validity of the initial structural construct following the methods of principal components analysis (PCA), Cronbach Alpha reliability analysis, confirmatory factor analysis (CFA), and structural equation modeling. A number of multivariate statistical tests were conducted on the data collected regarding the factors to achieve an optimal model reflecting statistical significance, reliability, and validity. The research was conducted in four phases: expert panel and pilot study (first phase), principal component analysis (PCA) and reliability analysis (RA) of the factor scales (second phase), confirmatory factor analysis (CFA) using LISREL (third phase), and structural equation modeling (SEM) using LISREL (fourth phase). The final model subsequent to completing the four phases reflected acceptance or rejection of the eleven hypotheses defined in the initial structural construct of this study.
520 $a The final optimized model was obtained with the most significant factors loading on the capability areas of information integrity, information security assurance, business enablement, security process maturity, security program management, competency of security team, security conscious employees, and security leadership, including the most significant factors loading the three capability domains of security technology trustworthiness, security integration, and security guardianship. All the eleven hypotheses were accepted as part of the optimal structural construct of the final model. The model provides a complex integrated framework of information security maturity requiring multi-functional advancements and maturity in processes, people, and technology, and organized security program management and communications fully integrated with the business programs and communications. Information security maturity is concluded as a complex function of multiple maturity programs in an organization leading to organized governance structures, multiple maturity programs, leadership, security consciousness, and risk-aware culture of employees.
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2018
538 $a Mode of access: World Wide Web
650 4 $a Information technology. $3 559429
650 4 $a Information science. $3 561178
650 4 $a Computer science. $3 573171
650 4 $a Organizational behavior. $3 557544
655 7 $a Electronic books. $2 local $3 554714
690 $a 0489
690 $a 0723
690 $a 0984
690 $a 0703
710 2 $a ProQuest Information and Learning Co. $3 1178819
710 2 $a Nova Southeastern University. $b Information Systems. $3 1148698
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10746212 $z click for full text (PQDT)