Evaluating the effectiveness of information security governance practices in developing nations: A case of Ghana

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

The purpose of this empirical study is to evaluate the extent to which information security governance domain practices: strategic alignment, value delivery, resource management, risk management, and performance measurement relate to information security governance effectiveness. Random sampling technique was employed and data were collected via web survey from Ghanaian organizations. Employing three multiple regression models, the results showed there were statistically significant positive linear relationship between information security governance domain practices and information security governance effectiveness. Overall, the model produced R2 =.505, indicating that 50.5% of the variance in information security governance effectiveness was explained by information security governance domain practices. The results highlighted resource management, performance measurement and risk management practices as the predictors of organizational information security governance effectiveness while strategic alignment contributed only marginally to the models. Therefore, to attain higher information security governance effectiveness, organizations should focus on strategic alignment between the business and information security attributes.

Original languageEnglish
Title of host publicationStandards and Standardization
Subtitle of host publicationConcepts, Methodologies, Tools, and Applications
PublisherIGI Global
Pages1317-1333
Number of pages17
ISBN (Electronic)9781466681125
ISBN (Print)146668111X, 9781466681118
DOIs
Publication statusPublished - 28 Feb 2015
Externally publishedYes

Fingerprint

Dive into the research topics of 'Evaluating the effectiveness of information security governance practices in developing nations: A case of Ghana'. Together they form a unique fingerprint.

Cite this