Understanding user participation in information security risk management
Risk management is the continuing process to control and manage the risk in organisation for identifying, accessing and controlling threats to an organisation’s capital and earning. The implementation of information security risk management (ISRM) helps to address the risks to information processed...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Advanced Informatics School, Universiti Teknologi Malaysia
2017
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/80684/1/NoorHafizahHassan2017_UnderstandingUserParticipationinInformation.pdf http://eprints.utm.my/id/eprint/80684/ http://publication.ais.utm.my/ojs/index.php/oiji/article/view/35/18 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Malaysia |
| Language: | English |
| id |
my.utm.80684 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.806842019-06-27T06:15:24Z http://eprints.utm.my/id/eprint/80684/ Understanding user participation in information security risk management Mat Deli, Mohd. Sharudin Ahmad, Jarin Fathima Hassan, Noor Hafizah Maarop, Nurazean Samy, Ganthan Narayana Abdullah, Mohd. Shahidan Yaacob, Suraya HD30.213 Management information systems. Decision support systems Risk management is the continuing process to control and manage the risk in organisation for identifying, accessing and controlling threats to an organisation’s capital and earning. The implementation of information security risk management (ISRM) helps to address the risks to information processed by an organisation that may help the organisation to manage the risk effectively. Involving the user throughout the process of ISRM is important to ensure that it provides an effective security risk management (SRM). There are limited evidence shows that user participation is important in ISRM. Therefore, the aim of this paper to investigate user participation in ISRM from user participation and access control constructs. A quantitative method is implemented by distributing a questionnaire to two different organisational backgrounds to 20 respondents. This paper presents the initial findings that user participation play a significant role towards ISRM by presenting the results from the two constructs. The findings contribute to the body of knowledge that understanding user participation in ISRM shows that the process of risk management is different between two organisational backgrounds. Advanced Informatics School, Universiti Teknologi Malaysia 2017 Article PeerReviewed application/pdf en http://eprints.utm.my/id/eprint/80684/1/NoorHafizahHassan2017_UnderstandingUserParticipationinInformation.pdf Mat Deli, Mohd. Sharudin and Ahmad, Jarin Fathima and Hassan, Noor Hafizah and Maarop, Nurazean and Samy, Ganthan Narayana and Abdullah, Mohd. Shahidan and Yaacob, Suraya (2017) Understanding user participation in information security risk management. Open International Journal of Informatics (OIJI), 5 (2). pp. 32-37. ISSN 2289-2370 http://publication.ais.utm.my/ojs/index.php/oiji/article/view/35/18 |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| language |
English |
| topic |
HD30.213 Management information systems. Decision support systems |
| spellingShingle |
HD30.213 Management information systems. Decision support systems Mat Deli, Mohd. Sharudin Ahmad, Jarin Fathima Hassan, Noor Hafizah Maarop, Nurazean Samy, Ganthan Narayana Abdullah, Mohd. Shahidan Yaacob, Suraya Understanding user participation in information security risk management |
| description |
Risk management is the continuing process to control and manage the risk in organisation for identifying, accessing and controlling threats to an organisation’s capital and earning. The implementation of information security risk management (ISRM) helps to address the risks to information processed by an organisation that may help the organisation to manage the risk effectively. Involving the user throughout the process of ISRM is important to ensure that it provides an effective security risk management (SRM). There are limited evidence shows that user participation is important in ISRM. Therefore, the aim of this paper to investigate user participation in ISRM from user participation and access control constructs. A quantitative method is implemented by distributing a questionnaire to two different organisational backgrounds to 20 respondents. This paper presents the initial findings that user participation play a significant role towards ISRM by presenting the results from the two constructs. The findings contribute to the body of knowledge that understanding user participation in ISRM shows that the process of risk management is different between two organisational backgrounds. |
| format |
Article |
| author |
Mat Deli, Mohd. Sharudin Ahmad, Jarin Fathima Hassan, Noor Hafizah Maarop, Nurazean Samy, Ganthan Narayana Abdullah, Mohd. Shahidan Yaacob, Suraya |
| author_facet |
Mat Deli, Mohd. Sharudin Ahmad, Jarin Fathima Hassan, Noor Hafizah Maarop, Nurazean Samy, Ganthan Narayana Abdullah, Mohd. Shahidan Yaacob, Suraya |
| author_sort |
Mat Deli, Mohd. Sharudin |
| title |
Understanding user participation in information security risk management |
| title_short |
Understanding user participation in information security risk management |
| title_full |
Understanding user participation in information security risk management |
| title_fullStr |
Understanding user participation in information security risk management |
| title_full_unstemmed |
Understanding user participation in information security risk management |
| title_sort |
understanding user participation in information security risk management |
| publisher |
Advanced Informatics School, Universiti Teknologi Malaysia |
| publishDate |
2017 |
| url |
http://eprints.utm.my/id/eprint/80684/1/NoorHafizahHassan2017_UnderstandingUserParticipationinInformation.pdf http://eprints.utm.my/id/eprint/80684/ http://publication.ais.utm.my/ojs/index.php/oiji/article/view/35/18 |
| _version_ |
1643658485759475712 |