Integrating Knowledge Management into Information Security-Reference-Cited by-同舟云学术

Integrating Knowledge Management into Information Security

Published:2019-01 Issue:1 Volume:15 Page:37-52
ISSN:1548-0666
Container-title:International Journal of Knowledge Management
language:en
Short-container-title:

Author:

Au Cheuk Hang¹,Fung Walter S. L.²

Affiliation:

1. The University of Sydney, Sydney, Australia

2. The Hong Kong Polytechnic University, Hunghom, Hong Kong

Abstract

Repeated information security (InfoSec) incidents have harmed the confidence of people on enterprises' InfoSec capability. While most organisations adopt control frameworks such as ISO27001 and COBIT, the role and contribution of knowledge management on InfoSec was inadequately considered. The authors integrated the concepts of knowledge-centric information security and IT Governance (ITG) into an ITG-driven knowledge framework (ITGKF) for reinforcing InfoSec maturity and auditability of enterprises. The authors also tried to assess whether ITG can embrace proper knowledge circulation within the InfoSec community. The authors confirmed the positive influence of IT governance on knowledge-centric information security (KCIS) and information security maturity and audit result (ISMAR), the positive influence of KCIS on ISMAR, and the mediating role of KCIS between ITG and ISMAR. These indicated the significance of KM in InfoSec area. Based on the findings, they proposed possible changes of integrating KM in different InfoSec practices and audit standard.

Publisher

IGI Global

Subject

Management of Technology and Innovation,Computer Science Applications,Management Information Systems

Reference56 articles.

1. Alnatheer, M. (2015). Information security culture critical success factors. Information Technology - New Generations (ITNG), 2015 12th International Conference on.

2. Critical success factors (CSFs) for information technology governance (ITG)

3. The 7 C’s of Knowledge Leadership: Innovating Our Future

4. Genre Knowledge in Disciplinary Communication

Cited by 15 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. The Missing Piece in the Zero Trust Sphere Knowledge Management Perspectives on Safeguarding Business Data;2024

2. DENETİM LİTERATÜRÜNDE DÜNYA ÇAPINDA EĞİLİMLER: BİBLİYOMETRİK BİR ANALİZ;Muhasebe Bilim Dünyası Dergisi;2023-02-22

3. Automation of Information Security Risk Assessment;International Journal of Electronics and Telecommunications;2022-04-27

4. An Information Security Performance Measurement Tool for Senior Managers: Balanced Scorecard Integration for Security Governance and Control Frameworks;Information Systems Frontiers;2022-02-28

5. The Role of Human Resource Management in Enhancing Organizational Information Systems Security;Research Anthology on Human Resource Practices for the Modern Workforce;2022