Inter-organizational study of access control security measures

Winfred Yaokumah, Eric Saviour Aryee Okai

Research output: Contribution to journalArticlepeer-review

12 Citations (Scopus)

Abstract

This study assesses the level of implementation and management of access control security measures among organizations. A survey was conducted and 233 responses were received from 56 organizations drawn from 5 major industry sectors of Ghana. This study focuses on the four access control clauses, namely access control policy, user access management, user responsibility and accountability, and system and application access control, which were adopted from ISO/IEC27002 international information systems security management standard. Overall, the results show that the organizations' level of implementation and management of access control measures were approximately 66.6% (Level 3 - well defined), indicating that access control measures were documented, approved, and implemented organization-wide. Moreover, the results show significant differences in the implementation and management of access control measures among the organizations. For all the access control measures, the financial and health care institutions outperform educational institutions and government public services.

Original languageEnglish
Pages (from-to)60-79
Number of pages20
JournalInternational Journal of Technology and Human Interaction
Volume14
Issue number1
DOIs
Publication statusPublished - 1 Jan 2018
Externally publishedYes

Keywords

  • Access Control Policy
  • Information Security
  • System and Application Access Control
  • User Access Control Management
  • User Responsibility and Accountability

Fingerprint

Dive into the research topics of 'Inter-organizational study of access control security measures'. Together they form a unique fingerprint.

Cite this