The effect of information quality integrity on information security risk management

Document Type : Original Article

Authors

1 Department of Accounting, Gorgan Branch, Islamic Azad University, Gorgan , Iran

2 Department of Accounting and Management, Ali Abad katoul Branch, Islamic Azad University, Ali Abad Katoul, Iran

Abstract

Information security is becoming an important proposition for most organizations due to the current process of transferring information through a world without borders and vulnerabilities. This has raised concerns and awareness of the use of ISRM to develop effective economic control strategies. Although there are several types of information security risk management tools that are readily available, most of the methods do the same, which results in the creation of a range of evaluation, information collection and intermediary information generation. the success of ISRM planning depends strongly on the quality of the input information, however, with the amount, variety and variety of information available to professionals, can easily be controlled with enhanced information. This article helps determine which dimensions of IQ contribute to the quality of information during the process of collecting information during the ISRM. To properly define, IQ dimensions are evaluated in terms of its production.
To identify possible dimensions of information security risk management, Likert Online Structural Questionnaire was distributed among a group of senior and Ph.D. students at Gorgan University of Azad University who were engaged in accounting and auditing work (47 people). Partial least squares analysis (PLS) showed that the dimensions of accuracy, data rate, access to information, reliability of information, conciseness of data, completeness of information and reliability of information, relevance of information, reliability of information, timeliness of information, comprehensibility and Information uniformity significantly affects the quality of data collection on information security risk management

Keywords

References

   [1]      G.Disterer, Iso/iec 27000, 27001 and 27002 for information security management. Journal of Information Security, 4(02), 92, 2013.##
   [2]      A.Borek, A.K.Parlikad, J.Webb and P. Woodall, Total information risk management: Maximizing the value of data and information assets: Newnes, 2013.##
   [3]      C. C. Lo, & W.J Chen, A hybrid information security risk assessment procedure considering interdependences between controls. Expert Systems with Applications, 39(1), pp.247-257, 2012.##
   [4]      R.Yosefi zenor, A.Hasan por and P.Mosavi, eraee modeli jahate olaviat bandi riskhaye amniat etelaate sazmani ba estefade az AHP fazi v shabake bizin dar senate bankdari, Journal of Industrial Management Studies, vol.13, no.37, pp.161-185,2015. (in persian)##
   [5]      N.Feng, H.J. Wang and M.Li, A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis. Information sciences,vol.256, pp.57-73, 2014.##
   [6]      J.Webb, A.Ahmad, S.B. Maynard and G.Shanks, A situation awareness model for information security risk management. Computers & security, 44, pp.1-15, 2014.##
   [7]      A.Jones, A framework for the management of information security risks. BT technology journal, 25(1), pp.30-36, 2007.##
   [8]      E.Wheeler, Security risk management: Building an information security risk management program from the ground up: Elsevier, 2011.##
   [9]      R. Ross, Managing enterprise risk in today's world of sophisticated threats: A framework for developing broad-based, cost-effective information security programs. EDPAC: The EDP Audit, Control, and Security Newsletter, 35(2), pp.1-10, 2007.##
[10]      P.Shedden, T.Ruighaver, and A.Ahmad, Risk management standards œ the perception of ease of use,2006.##
[11]      A.Dontoh, S.Radhakrishnan, and J.Ronen, The declining value-relevance of accounting information and nonā€information-based trading: An empirical analysis. Contemporary Accounting Research, 21(4),pp. 795-812,2004.##
[12]      P.Shamala, R.Ahmad, A.Zolait, and M.Sedek, Integrating information quality dimensions into information security risk management (ISRM). Journal of Information Security and Applications,vol. 36,pp. 1-10, 2017.##
[13]      P.Shedden, W. Smith and A.Ahmad, Information security risk assessment: Towards a business practice perspective, 2010.##
[14]      J.Chen, W.Pedrycz, L.Ma, and C.Wang, A new information security risk analysis method based on membership degree. Kybernetes, 43(5),pp. 686-698, 2014.##
[15]      M.Korman, T.Sommestad, J.Hallberg, J. Bengtsson and M.Ekstedt, Overview of enterprise information needs in information security risk assessment. Paper presented at the Enterprise Distributed Object Computing Conference (EDOC), 2014 IEEE 18th International, 2014.##
[16]      A.Borek, A.K. Parlikad, P.Woodall, and M.Tomasella, A risk based model for quantifying the impact of information quality. Computers in Industry, 65(2),pp. 354-366, 2014.##
[17]      B.Stvilia, L.Gasser, M.B. Twidale and L.C. Smith, A framework for information quality assessment. Journal of the American society for information science and technology, 58(12), pp.1720-1733, 2007.##
[18]      A.Ahmadpor, S.rasekhi and z.nasiri ghale, tasir keifiat etelaat bar risk naghdinegi, Journal of Accounting and Audit Management,vol.2, no.5.pp.85-98,2013.(in persian)##
[19]      C.W Fisher and B.R. Kingma, Criticality of data quality as exemplified in two disasters. Information & Management, 39(2), pp.109-116, 2001.##
[20]      Ge, M and Helfert, M. (2008). Effects of information quality on inventory management. International Journal of Information Quality, 2(2), 177-191,2008.##
[21]      D.P. Ballou, H.L. Pazer, Modeling data and process quality in multi-input, multi-output information systems. Management science, 31(2), pp.150-162, 1985##
[22]      C. Batini, C. Cappiello, C. Francalanci, and A.Maurino, Methodologies for data quality assessment and improvement. ACM computing surveys (CSUR), 41(3), 16, 2009##
[23]      B.F Lóscio, M.Batista, D. Souza, and A.C Salgado, Using information quality for the identification of relevant web data sources: A proposal. Paper presented at the Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services,2012.##
[24]      R.Bergmann, Quantifying information quality, 2015.##
[25]      P.Oliveira, F. Rodrigues, and P.R Henriques, A formal definition of data quality problems. Paper presented at the IQ, 2005.##
[26]      C.C.Chen and Y.D Tseng, Quality evaluation of product reviews using an information quality framework. Decision Support Systems, 50(4),pp. 755-768, 2011.##
[27]      M. vanki, M.R.Taghavi fard and K.Feizi,molel piadeh sazie modiriat amniat fanavari etelaat dar senate bankdari iran. Journal of Information Technology Management.vol.p, no.2, pp.379-404,2017. (in persian)##
[28]      Y.Seif and N. Naderi Bani, shanasaee moalefehaye moaser bar modiriyate amniate etelaat dar fanavari atelaate sherkate nafte falate ghare iran, Journal of Information Technology Management,vol.33,pp.851-870,2018.(in Persian)##
[29]      CH.Joshi and U.K.Singh, Information Security Risk Management Framework for University Computing Environment, International Journal of Network Security,19(5), pp.742-751, 2017.##
[30]      P.Shamala, R.Ahmad, and M.Yusoff, A conceptual framework of info structure for information security risk assessment (isra). Journal of Information Security and Applications, 18(1), pp.45-52, 2013.##
[31]      P.Shamala, R.Ahmad, A.H.Zolait and S.bin Sahib, Collective information structure model for information security risk assessment (isra). Journal of Systems and Information Technology, 17(2),pp. 193-219, 2015.##
[32]      C. E.Werts, R. L.Linn and K. G. Joreskog, Intra class reliability estimates: Testing Structural assumptions. Educational and Psychological Measurement, 34(1), pp.25-33, 1974.##
[33]      I.Nunnally, Psychometric theory, 2nd Edn. New york: McGraw-Hill,1978.##
[34]      W. W Chin, "Issues and Opinion on Structural Equation Modeling",MIS Quarterly (22:1), pp. 7-16, 1998.##
[35]      P.Chen, Data mining applications in e-government information security. Procedia Engineering,vol. 29,pp. 235-240, 2012.##
Volume 0, Issue 1 - Serial Number 1
December 2019
Pages 23-35

Files

Share

How to cite

Statistics