Indian Journal of Science and Technology

Open Access Open Access  Restricted Access Subscription Access

Will the Certification System for Information Security Management Help to Improve Organizations’ Information Security Performance? The Case of K-ISMS


Affiliations
1 Department of Electrical and Computer Engineering, Chungbuk National University, 1 Chungdae-ro, Seowon-gu, Cheongju, Chungbuk - 28644, Korea, Republic of
2 Department of Information Security Management, Chungbuk National University, 1 Chungdae-ro, Seowon-gu, Cheongju, Chungbuk - 28644, Korea, Republic of
 

Background/Objectives: Recognizing the importance of systematic security management in organizations, the government of South Korea introduced the Information Security Management System (ISMS) certification. Methods/ Statistical Analysis: In this study, based on prior studies dealing with the goal and evaluation items of ISMS certification, we developed a model to measure the performance of ISMS certification, using the SERVQUAL models, which are service evaluation models. Also, we carried out a survey of organizations that have acquired the certification in order to prove the model’s validity and suggest ways to develop ISMS certification. Findings: In the present study, we found that investment and concern in security can influence organisational security performance based on prior research, and developed survey items for performance measurement by acquisition of ISMS certification. We conducted surveys of organisations that required ISMS certification and tried to find some factors recognisable as a performance of ISMS certification. The result of the experiment was that factors influencing security performance are responsiveness and specialty. Application/ Improvements: Future research is increased ISMS certified company in accordance with the satisfaction and effectiveness of the ISMS certified company improved through systematic empirical and hope enhance the overall security level.

Keywords

Information Security Management System, ISMS Certification, Information Security Performance, Service Quality, SERVQUAL.
User

Abstract Views: 160

PDF Views: 0




  • Will the Certification System for Information Security Management Help to Improve Organizations’ Information Security Performance? The Case of K-ISMS

Abstract Views: 160  |  PDF Views: 0

Authors

Hee-Kyung Kong
Department of Electrical and Computer Engineering, Chungbuk National University, 1 Chungdae-ro, Seowon-gu, Cheongju, Chungbuk - 28644, Korea, Republic of
Jeong-hun Woo
Department of Information Security Management, Chungbuk National University, 1 Chungdae-ro, Seowon-gu, Cheongju, Chungbuk - 28644, Korea, Republic of
Tae-Sung Kim
Department of Information Security Management, Chungbuk National University, 1 Chungdae-ro, Seowon-gu, Cheongju, Chungbuk - 28644, Korea, Republic of
Hyuk Im
Department of Information Security Management, Chungbuk National University, 1 Chungdae-ro, Seowon-gu, Cheongju, Chungbuk - 28644, Korea, Republic of

Abstract


Background/Objectives: Recognizing the importance of systematic security management in organizations, the government of South Korea introduced the Information Security Management System (ISMS) certification. Methods/ Statistical Analysis: In this study, based on prior studies dealing with the goal and evaluation items of ISMS certification, we developed a model to measure the performance of ISMS certification, using the SERVQUAL models, which are service evaluation models. Also, we carried out a survey of organizations that have acquired the certification in order to prove the model’s validity and suggest ways to develop ISMS certification. Findings: In the present study, we found that investment and concern in security can influence organisational security performance based on prior research, and developed survey items for performance measurement by acquisition of ISMS certification. We conducted surveys of organisations that required ISMS certification and tried to find some factors recognisable as a performance of ISMS certification. The result of the experiment was that factors influencing security performance are responsiveness and specialty. Application/ Improvements: Future research is increased ISMS certified company in accordance with the satisfaction and effectiveness of the ISMS certified company improved through systematic empirical and hope enhance the overall security level.

Keywords


Information Security Management System, ISMS Certification, Information Security Performance, Service Quality, SERVQUAL.



DOI: https://doi.org/10.17485/ijst%2F2016%2Fv9i24%2F134555