Abstract
Almost all computing systems and applications in organizations include some form of access control mechanisms. Managing secure access to computing resources is an important but a challenging task, requiring both administrative and technical measures. This study examines the influence of administrative access control measures on technical access control mechanisms. Based on the four access control clauses defined by ISO/IEC27002, this study develops a model to empirically test the impact of access control policies on systems and applications control activities. The study employs Partial Least Square Structural Equation Modelling (PLS-SEM) to analyze data collected from 223 samples through a survey questionnaire. The results show that the greatest significant impact on applications and systems access control measures is through access control policies mediated by users' responsibilities and accountability and user access management activities. But the direct impact of access control policies on applications and systems access control measures is not significant.
Original language | English |
---|---|
Pages (from-to) | 53-70 |
Number of pages | 18 |
Journal | Information Resources Management Journal |
Volume | 30 |
Issue number | 4 |
DOIs | |
Publication status | Published - 1 Oct 2017 |
Externally published | Yes |
Keywords
- Access Control Policies
- Administrative Access Control
- Systems and Applications Access Control
- Technical Access Control
- User Access Management
- User Responsibilities and Accountability