Information quality structure framework in developing an information security management system (ISMS)

Organisations are progressively aware that information security is an important aspect of their business strategy. The awareness make organisations to achieve an ideal level of management system to establish and maintain a secure information environment. Hence, organisations are currently applying f...

Full description

Saved in:
Bibliographic Details
Main Author: Palaniappan, P Siva Shamala
Format: Thesis
Language:English
English
Published: 2017
Subjects:
Online Access:http://eprints.utem.edu.my/id/eprint/20628/1/Information%20Quality%20Structure%20Framework%20In%20Developing%20An%20Information%20Security%20Management%20System%20%28ISMS%29.pdf
http://eprints.utem.edu.my/id/eprint/20628/2/Information%20quality%20structure%20framework%20in%20developing%20an%20information%20security%20management%20system%20%28ISMS%29.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-utem-ep.20628
record_format uketd_dc
institution Universiti Teknikal Malaysia Melaka
collection UTeM Repository
language English
English
advisor Ahmad, Rabiah
topic Q Science (General)
QA Mathematics
spellingShingle Q Science (General)
QA Mathematics
Palaniappan, P Siva Shamala
Information quality structure framework in developing an information security management system (ISMS)
description Organisations are progressively aware that information security is an important aspect of their business strategy. The awareness make organisations to achieve an ideal level of management system to establish and maintain a secure information environment. Hence, organisations are currently applying for information security management system (ISMS) to effectively manage their information assets. ISMS will ensure that the right people, processes and technologies are in place, and facilitates a proactive approach to manage security and risk. Unfortunately, limited scholarly investigation has been undertaken to present a need of properly defined steps of process approach in which a structured way of managing ISMS within an organisation is provided. This is due to the well-known process approach, “Plan-Do-Check-Act” lifecycle model which is unable to give information on how organisations should develop security objectives and ISMS strategies. Also, there are no recognized and standard ISMS frameworks for action. The lack of standardized and trustable ISMS methods, and complexity of ISMS standards has caused practitioners to face difficulties in understanding the ISMS requirements. However, after the daunting task on choosing one preferred methods, practitioners are also required to gather information to complete all the ISMS requirement planning. Practically, practitioners gather information in a surveillance mode rather than in decision mode. Hence, practitioners are required to evaluate the collected information resource in order to eliminate all the “garbage” information. Therefore, this research aims to provide an Information Quality Structure Framework for ISMS. This study adopts a mixed method and explanatory sequential approaches to achieve the research objectives. After an extensive literature review, the quantitative study begins with descriptive study in order to determine components of information structure. Then Likert structured questionnaire was distributed and the findings have been analyzed using Rasch Measurement Model (RMM) and SEM-PLS. Qualitative analysis was done by validating the framework on ensuring the proposed framework conforms to real working ISMS specification and its usefulness for organisations. Semi-structured interview among six expert panel in ISMS industry were conducted. The results from this study, managed to develop Information Quality Structure Framework for ISMS. The proposed framework consists of (1) information structure focuses on providing layout of information which is organized in a way, in which the components are put together to form a meaningful structure which can be navigated at any time and (2) quality dimensions: accuracy, objective, completeness, reliability and verifiability ensure the quality of information and (3) provide a synthesis of information quality dimensions parameters to ensure the quality of information is emphasized throughout the ISMS process. The proposed framework contributes to the field of ISMS, certification area and also contributes information quality theory in ISMS field. The proposed framework provides an awareness on knowing beforehand what to do and to what extent they are already conquering the quality information needed for getting clear direction and to develop ISMS.
format Thesis
qualification_name Doctor of Philosophy (PhD.)
qualification_level Doctorate
author Palaniappan, P Siva Shamala
author_facet Palaniappan, P Siva Shamala
author_sort Palaniappan, P Siva Shamala
title Information quality structure framework in developing an information security management system (ISMS)
title_short Information quality structure framework in developing an information security management system (ISMS)
title_full Information quality structure framework in developing an information security management system (ISMS)
title_fullStr Information quality structure framework in developing an information security management system (ISMS)
title_full_unstemmed Information quality structure framework in developing an information security management system (ISMS)
title_sort information quality structure framework in developing an information security management system (isms)
granting_institution Universiti Teknikal Malaysia Melaka
granting_department Faculty Of Information And Communication Technology
publishDate 2017
url http://eprints.utem.edu.my/id/eprint/20628/1/Information%20Quality%20Structure%20Framework%20In%20Developing%20An%20Information%20Security%20Management%20System%20%28ISMS%29.pdf
http://eprints.utem.edu.my/id/eprint/20628/2/Information%20quality%20structure%20framework%20in%20developing%20an%20information%20security%20management%20system%20%28ISMS%29.pdf
_version_ 1747833989452791808
spelling my-utem-ep.206282022-06-03T16:31:21Z Information quality structure framework in developing an information security management system (ISMS) 2017 Palaniappan, P Siva Shamala Q Science (General) QA Mathematics Organisations are progressively aware that information security is an important aspect of their business strategy. The awareness make organisations to achieve an ideal level of management system to establish and maintain a secure information environment. Hence, organisations are currently applying for information security management system (ISMS) to effectively manage their information assets. ISMS will ensure that the right people, processes and technologies are in place, and facilitates a proactive approach to manage security and risk. Unfortunately, limited scholarly investigation has been undertaken to present a need of properly defined steps of process approach in which a structured way of managing ISMS within an organisation is provided. This is due to the well-known process approach, “Plan-Do-Check-Act” lifecycle model which is unable to give information on how organisations should develop security objectives and ISMS strategies. Also, there are no recognized and standard ISMS frameworks for action. The lack of standardized and trustable ISMS methods, and complexity of ISMS standards has caused practitioners to face difficulties in understanding the ISMS requirements. However, after the daunting task on choosing one preferred methods, practitioners are also required to gather information to complete all the ISMS requirement planning. Practically, practitioners gather information in a surveillance mode rather than in decision mode. Hence, practitioners are required to evaluate the collected information resource in order to eliminate all the “garbage” information. Therefore, this research aims to provide an Information Quality Structure Framework for ISMS. This study adopts a mixed method and explanatory sequential approaches to achieve the research objectives. After an extensive literature review, the quantitative study begins with descriptive study in order to determine components of information structure. Then Likert structured questionnaire was distributed and the findings have been analyzed using Rasch Measurement Model (RMM) and SEM-PLS. Qualitative analysis was done by validating the framework on ensuring the proposed framework conforms to real working ISMS specification and its usefulness for organisations. Semi-structured interview among six expert panel in ISMS industry were conducted. The results from this study, managed to develop Information Quality Structure Framework for ISMS. The proposed framework consists of (1) information structure focuses on providing layout of information which is organized in a way, in which the components are put together to form a meaningful structure which can be navigated at any time and (2) quality dimensions: accuracy, objective, completeness, reliability and verifiability ensure the quality of information and (3) provide a synthesis of information quality dimensions parameters to ensure the quality of information is emphasized throughout the ISMS process. The proposed framework contributes to the field of ISMS, certification area and also contributes information quality theory in ISMS field. The proposed framework provides an awareness on knowing beforehand what to do and to what extent they are already conquering the quality information needed for getting clear direction and to develop ISMS. 2017 Thesis http://eprints.utem.edu.my/id/eprint/20628/ http://eprints.utem.edu.my/id/eprint/20628/1/Information%20Quality%20Structure%20Framework%20In%20Developing%20An%20Information%20Security%20Management%20System%20%28ISMS%29.pdf text en public http://eprints.utem.edu.my/id/eprint/20628/2/Information%20quality%20structure%20framework%20in%20developing%20an%20information%20security%20management%20system%20%28ISMS%29.pdf text en validuser https://plh.utem.edu.my/cgi-bin/koha/opac-detail.pl?biblionumber=107013&query_desc=kw%2Cwrdl%3A%20Information%20Quality%20Structure phd doctoral Universiti Teknikal Malaysia Melaka Faculty Of Information And Communication Technology Ahmad, Rabiah