Title: Employing the social-technical perspective in identifying security management systems in organisations

Authors: Suhazimah Dzazali, Sulaiman Ainin, Ali Hussein Saleh Zolait

Addresses: Faculty of Business and Accountancy, University of Malaya, 50603 Kuala Lumpur, Malaysia. ' Faculty of Business and Accountancy, University of Malaya, 50603 Kuala Lumpur, Malaysia. ' Faculty of Business and Accountancy, Department of Business, Amran University, Amran-Khamer, P.O. Box 41000, Khamer, Republic of Yemen

Abstract: Information resources are critical assets of most 21st century organisations. The emergence of many different information security threats necessitates organisations to seek advice and acquire the latest knowledge that is required to defeat these threats and securely manage their companies| information systems. Accordingly, this research proposes a new theoretical perspective, to be called |the Integrated Social-Technical System Theory|, in which researchers attempt to analyse and identify the underlying dimensions of Information Security Management (ISM). The researchers employed the quantitative approach using a sample that was obtained from the key players of information security in the Malaysian Public Service (MPS) organisations. The results of the multivariate test revealed the underlying dimensions. One of the identified dimensions is information security maturity, (positioned as the dependent variable) and a few other variables are positioned as technical and social factors.

Keywords: information security; sociotechnical systems; STS theory; information systems; Malaysian Public Service; MPS; Malaysia; security management.

DOI: 10.1504/IJBIS.2009.024504

International Journal of Business Information Systems, 2009 Vol.4 No.4, pp.419 - 439

Published online: 07 Apr 2009 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article