UTHM Institutional Repository

Collective information structure model for Information Security Risk Assessment (ISRA)

Siva Shamala, Palaniappan and Ahmad, Rabiah and Zolait, Ali Hussein and Sahib, Shahrin (2015) Collective information structure model for Information Security Risk Assessment (ISRA). Journal of Systems and Information Technology, 17 (2). pp. 193-219. ISSN 1328-7265

[img] PDF
p._siva_shamala_U.pdf

Download (244kB)

Abstract

Purpose – Information security has become an essential entity for organizations across the globe to eliminate the possible risks in their organizations by conducting information security risk assessment (ISRA). However, the existence of numerous different types of risk assessment methods, standards, guidelines and specifications readily available causes the organizations to face the daunting tasks in determining the most suitable method that would augur well in meeting their needs. Therefore, to overcome this tedious process, this paper suggests collective information structure model for ISRA. Design/methodology/approach – The proposed ISRA model was developed by deploying a questionnaire using close-ended questions administrated to a group of information security practitioners in Malaysia (N=80). The purpose of the survey was to strengthen and add more relevant additional features to the existing framework, as it was developed based on secondary data. Findings – Previous comparative and analyzed studies reveals that all the six types of ISRA methodologies have features of the same kind of information with a slight difference in form. Therefore, questionnaires were designed to insert additional features to the research framework. All the additional features chosen were based on high frequency of more than half percentage agreed responses from respondents. The analyses results inspire in generating a collective information structure model which more practical in the real environment of the workplace.

Item Type: Article
Uncontrolled Keywords: risk assessment; collective information structure; info-structure; information security; information security risk assessment (ISRA)
Subjects: Q Science > QA Mathematics > QA76 Computer software
Divisions: Faculty of Computer Science and Information Technology > Department of Information Security
Depositing User: Normajihan Abd. Rahman
Date Deposited: 26 Aug 2015 07:11
Last Modified: 26 Aug 2015 07:11
URI: http://eprints.uthm.edu.my/id/eprint/6992
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year