What is it about?
There are two deficiencies in current information security research. First, most studies do not look at objective outcomes. Second, the previous studies looked at discrete behaviors. This study connected processes in the firm with objective security outcomes. The result is an instrument which firms can use to examine internal processes and relate them to specific types of information security breaches.
Featured Image
Why is it important?
Effective information security is a set of interrelated processes. We identify these processes and connect them with objective outcomes.
Perspectives
Firms are faced with many decisions about how and where to put their efforts. One area that has become increasingly important is their level of security with respect to their corporate information. This study offers some guidance on priorities for creating an effective information security program.
Dr GRAHAM Gal
University of Massachusetts Amherst
Read the Original
This page is a summary of: SECURQUAL: An Instrument for Evaluating the Effectiveness of Enterprise Information Security Programs, Journal of Information Systems, March 2016, American Accounting Association,
DOI: 10.2308/isys-51257.
You can read the full text:
Contributors
The following have contributed to this page
