Identifying Key Success Factors in the Implementation of Information Security Systems on Service Businesses: A Case Study of the Private Banks of Tehran
Nowadays, the critical role of information in global markets is inevitable. This importance is much stronger especially in the fields of finance and credit. Because of the expansion of private banks and ceding the shares of many state banks to the private sector, and due to the hasty deployment of electronic systems in these banks, the health of financial activities in the market, to a great extent, depends on the correct performance of information security systems in electronic sections. Launching information security systems is a costly activity which is associated with financial resources and information security. Hence, the factors that lead to higher effectiveness in this process should be identified. This study is an attempt to identify such factors. The reviews resulted in identification of 39 preliminary variables in the form of a questionnaire which was distributed to 131 branch managers of private banks in Tehran, Iran. Convergent validity and composite reliability combined with Cronbach's alpha coefficient were used to evaluate the questionnaire, which all supported the validity and reliability of the questionnaire. The results indicated that these factors had the highest priority: presence of regulatory and appropriate processes, availability of key performance indicators, controlling viruses, etc. Furthermore, the confirmatory factor analysis revealed that there are four infrastructural groups, the most important of which is the group of financial factors. Finally, the correlation between these structures was examined. Confirmatory factor analysis was done by PLS (2β) software, and demographic and Friedman analyses were performed by SPSS (20) software.
Reihaneh Amel Sadeghi,
Identifying Key Success Factors in the Implementation of Information Security Systems on Service Businesses: A Case Study of the Private Banks of Tehran, American Journal of Theoretical and Applied Business.
Vol. 2, No. 4,
2016, pp. 28-37.
Abdi, Hervé. (2003). Partial least squares regression (PLS-regression) (pp. 792-795): Thousand Oaks, CA: Sage.
Åhlfeldt, Rose-Mharie. (2005). Information Security in a Heterogeneous Healthcare Domain. Paper presented at the 4th Security Conference. Las Vegas, USA.
Akin, Melek, Bloemhof, Jacqueline M, Wynstra, Finn, & van Raaij, Erik M. (2009). The Impact of Supply Chain-Related Factors on Environmental Performance of Manufacturing Firms in Turkey. Paper presented at the 18 th IPSERA Conference Supply Management–Towards an Academic.
Al-Awadi, Maryam. (2009). A study of employees' attitudes towards organisational information security policies in the UK and Oman. University of Glasgow.
Al-Awadi, Maryam, & Renaud, Karen. (2007). Success factors in information security implementation in organizations. Paper presented at the IADIS International Conference e-Society 2007, Lisbon, Portugal.
Andress, Jason. (2011). The basics of information security: understanding the fundamentals of InfoSec in theory and practice: Elsevier.
Chin, Wynne W. (1998). The partial least squares approach to structural equation modeling. Modern methods for business research, 295 (2), 295-336.
Daniel, WW. (1999). Biostatistics: a foundation for analysis in the health sciences. Wiley series in probability and mathematical statistics. Applied probability and statistics: Wiley New York.
Hagen, Janne Merete, Albrechtsen, Eirik, & Hovden, Jan. (2008). Implementation and effectiveness of organizational information security measures. Information Management & Computer Security, 16 (4), 377-397.
Hassan, Mohamed Eslam, Zhi, Fengwen, Wang, Ping, & Abdalla, Elhadi Osman. (2014). The Impact of the Sector Type on the Role of Management Information Systems for the Decision-Making Process: RNS-Sudan as Case Study.
Huang, Yao-Wen, Yu, Fang, Hang, Christian, Tsai, Chung-Hung, Lee, Der-Tsai, & Kuo, Sy-Yen. (2004). Securing web application code by static analysis and runtime protection. Paper presented at the Proceedings of the 13th international conference on World Wide Web.
Karakaya, Fahri, & Canel, Cem. (1998). Underlying dimensions of business location decisions. Industrial management & data systems, 98 (7), 321-329.
Karakaya, Fahri, & Stahl, Michael J. (1992). Underlying dimensions of barriers to market entry in consumer goods markets. Journal of the Academy of Marketing Science, 20 (3), 275-278.
Kazemi, Mehdi, Khajouei, Hamid, & Nasrabadi, Hashem. (2012). Evaluation of information security management system success factors: Case study of Municipal organization. African Journal of Business Management, 6(14), 4982-4989.
Kevin, J. Fitzgerald. (1995). Information security baselines. Information Management & Computer Security, 3(2), 8-12. doi: 10.1108/09685229510088575.
Mellado, Daniel, Fernández-Medina, Eduardo, & Piattini, Mario. (2007). A common criteria based security requirements engineering process for the development of secure information systems. Computer standards & interfaces, 29 (2), 244-253.
Moss, Steve, Prosser, H, Costello, H, Simpson, N, Patel, P, Rowe, S, … Hatton, C. (1998). Reliability and validity of the PAS‐ADD Checklist for detecting psychiatric disorders in adults with intellectual disability. Journal of Intellectual Disability Research, 42 (2), 173-183.
Robert, B. (2009). GENERAL DETERRENCE THEORY: ASSESSING INFORMATION SYSTEMS SECURITY EFFECTIVENESS IN LARGE VERSUS SMALL BUSINESSES Joseph H. Schuessler, BBAMBAMS. UNIVERSITY OF NORTH TEXAS.
Sarmad, Z., Bazarganm A., Hejazi, E. (2008). Research methods in the behavioral sciences. Tehran, Agah Publications.
Setiadi, Farisya, Sucahyo, Yudho Giri, & Hasibuan, Zainal A. (2013). Balanced E-Government security framework: An integrated approach to protect information and application. Paper presented at the Technology, Informatics, Management, Engineering, and Environment (TIME-E), 2013 International Conference on.
Waly, Nesren, Tassabehji, Rana, & Kamala, Mumtaz. (2012). Improving organisational information security management: The impact of training and awareness. Paper presented at the High Performance Computing and Communication & 2012 IEEE 9th International Conference on Embedded Software and Systems (HPCC-ICESS), 2012 IEEE 14th International Conference on.
Zaidan, BB, Zaidan, AA, & Kiah, ML Mat. (2011). Impact of data privacy and confidentiality on developing telemedicine applications: A review participates opinion and expert concerns. Int. J. Pharmacol, 7 (3), 382-387.