Integrating Information Quality Dimensions Into Information Security Risk Management (ISRM)

Zolait, Ali and Palaniappan, Shamala and Ahmad, Rabiah and Sedek, Muliati (2017) Integrating Information Quality Dimensions Into Information Security Risk Management (ISRM). Journal of Information Security and Applications, 36. pp. 1-10. ISSN 2214-2134

[img] Text
Restricted to Registered users only

Download (1MB)


Information security is becoming an important entity to most organizations due to current trends in information transfer through a borderless and vulnerable world. This gives more concerns and aware organization to apply information security risk management (ISRM) to develop effective and economicallyviable control strategies. Even though there are numerous ISRM methods that are readily available, most of the ISRM methods prescribe a similar process that leads to establish a scope of the assessment, collecting information, producing intermediary information, and finally using the collected information to identify their security risks and provide a measured, analyzed security profile of critical information assets. Based on the “garbage in-garbage out” phenomenon, the success of ISRM planning tremendously depends on the quality of input information. However, with the amount, diversity and variety of information available, practitioners can easily deflects with grown information and becoming unmanageable. Therefore this paper contribute as a stepping stone to determine which IQ dimensions constitute the quality of the information throughout the process of gathering information during ISRM. Seems to accurately define the attributes of IQ dimensions, IQ needs to be assessed within the context of its generation. Thus, papers on IQ web were assessed and comparative analysis was conducted to identify the possible dimensions for ISRM. Then, online survey using likert structured questionnaire were distributed among a group of information security practitioners in Malaysia (N = 150). Partial least square (PLS) analysis revealed that dimension accuracy, amount of data, objective, completeness, reliability and verifiability are significantly influence the quality of information gathering for ISRM. These IQ dimensions can guide practitioners in the process of gathering quality and complete information in order to make a plan that leads to a clear direction, and ultimately help to make decisions that lead to success.

Item Type: Article
Uncontrolled Keywords: Information security, Risk management, Information quality, Information security risk management
Divisions: Faculty of Information and Communication Technology
Depositing User: Sabariah Ismail
Date Deposited: 14 Oct 2021 11:35
Last Modified: 14 Oct 2021 11:35
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item