IDEAS home Printed from https://ideas.repec.org/a/igg/jtd000/v7y2016i1p53-72.html
   My bibliography  Save this article

Investigation into the State-of-Practice of Operations Security Management Based on ISO/IEC 27002

Author

Listed:
  • Winfred Yaokumah

    (Department of Information Technology, Pentecost University College, Accra, Ghana)

Abstract

This study assessed information security management in organizations through a questionnaire based on the ISO/IEC 27002, with special focus on operations security. A survey with cross-sectional research design was conducted and data collected from 223 participants from 56 organizations. Overall, the level of operations security maturity was 61.2%, which is the maturity Level 3 (well-defined). This level suggested that operations security controls and processes were documented, approved, and implemented organization-wide. Backups and malware protection were the most implemented security controls, while logging, auditing and monitoring were the least implemented controls. Assessment of inter-organizational operations security found significant differences among the organizations. Financial and Health Care Institutions outperform Educational Institutions and Government Public Service. The study provided insight into maturity levels of operations security controls and the results useful for benchmarking inter-organizational performance, competitiveness and improvement in information security.

Suggested Citation

  • Winfred Yaokumah, 2016. "Investigation into the State-of-Practice of Operations Security Management Based on ISO/IEC 27002," International Journal of Technology Diffusion (IJTD), IGI Global, vol. 7(1), pages 53-72, January.
  • Handle: RePEc:igg:jtd000:v:7:y:2016:i:1:p:53-72
    as

    Download full text from publisher

    File URL: http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJTD.2016010104
    Download Restriction: no
    ---><---

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:igg:jtd000:v:7:y:2016:i:1:p:53-72. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Journal Editor (email available below). General contact details of provider: https://www.igi-global.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.