In spite of the wealth of research in IS security, there is very little understanding of what actually makes an IS security program successful within an organization. Success has been treated generally as a separate entity from IS security altogether; a great deal of research has been conducted on the "means to the end", while limited research has been focused on truly understanding what the end actually is. The problem compelling this research is that previous studies within the IS security domain do not adequately consider what factors contribute towards IS security success within the organizational context, and how the factors interact.
This study built upon Shannon and Weaver (1949) and Mason (1978) to develop a model for predicting IS security success within an organization. A considerable body of information systems security literature was organized based on their findings. Core dimensions of information system security success were identified and operationalized within a model for predicting success with IS security initiatives. The model was empirically validated in a three-phase approach using survey methodology. First, the survey was tested for validity and reliability using an expert panel and pilot study. Next, the survey was administered to a sample, with the results analyzed using Confirmatory Factor Analysis and Structural Equation Modeling techniques.
Initial analysis of the measurement model generated through Confirmatory Factor Analysis showed mixed fit. Factor loadings and average variance extracted calculations resulted in the selection of low performing items for removal; after revision, the revised measurement model showed improved fit for all measures. Structural Equation Modeling analysis was conducted on three structural models with varying levels of mediation. Based on the analysis of fit and comparison indices, the model depicting partial mediation was determined to be the best variation of the IS security success model. This study is the first known instance of an empirically tested IS security success model and should provide many avenues for future study, as well as providing practitioners a fundamental roadmap for success within their organizational IS security programs.
| Identifer | oai:union.ndltd.org:nova.edu/oai:nsuworks.nova.edu:gscis_etd-1140 |
| Date | 01 January 2011 |
| Creators | Dunkerley, Kimberley |
| Publisher | NSUWorks |
| Source Sets | Nova Southeastern University |
| Detected Language | English |
| Type | text |
| Format | application/pdf |
| Source | CEC Theses and Dissertations |
Page generated in 0.0022 seconds