Information systems security management maturity model for electronic commerce small medium industries and enterprises (smi/e) using technology, organization and environment framework / Azah Anir Binti Norman

Norman, Azah Anir (2014) Information systems security management maturity model for electronic commerce small medium industries and enterprises (smi/e) using technology, organization and environment framework / Azah Anir Binti Norman. PhD thesis, University Malaya.

PDF (Full Text)
Download (5Mb) | Preview


    Today, the Information Systems Security Management (Information Systems Security Management (ISSM)) maturity framework has been recognized and accepted by businesses globally. This ISSM maturity phenomenon has shifted many business perspectives on the importance of security management towards business information systems. The development of current ISSM maturity framework, based on tried-and-true practices by security experts, have also expanded many issues in the IS research scenario among which are: (i) lack of flexible framework: the current framework developed and designed to suit brick and mortar traditional business, but not for e-commerce that has a volatile structure; (ii) lack of theory supported framework: the current ISSM framework is developed using tried-and-true practices of experts’ experiences rather than based on excepted theories. The main objective of this research is to address these two issues. The research aim is to construct an ISSM maturity model to suit e-commerce using Technology, Organization and Environment framework (Technology-Organization-Environment Framework (TOE)), DeLone and McLean Information System (IS) Success Factors, Diffusion of Innovation Theory (Diffusion of Innovation Theory (DOI)) and Ein-Dor Organizational Factors. The IS theory, IS model, IS framework and IS organization factors were selected to help develop a flexible and theoretically-based ISSM maturity model for the benefit of Small Medium Industries/Enterprises (SMI/Es) that are involved in e-commerce. This study employs a mixed-method research using the sequential mix-method procedure to predict the conceptual relationship: (i) the research quantitative phase adopts a structural equation modelling (Structural Equation Modelling (SEM)) technique using Partial Least Square iv (Partial Least Square (PLS)) method, (ii) semi-structured interviews with the selected Small Medium Industry/Enterprise (SMI/E)s business Chief Executives Officers (Chief Executive Officer (CEO)s) and business owners that are involved in e-commerce. The results show high reliability of predicted variables with minimal reading of reliability score of more than 0.85, displaying average variance extracted (Average Variance Extracted (AVE)) exceeding 0.5, indicating adequate convergent validity of all the predicted variables developed in the conceptual framework. The predicted relationship was proved to be significant with the score of 50.4% showing the high influences of latent variables discussed in this ISSM maturity research. The findings show three significant influences in ISSM maturity in e-commerce (i) technology which are the technology usage, compatibility, complexity, relative advantage and technology availability, (ii) organization including the human resources, formal and informal linking structures and the communication process and (iii) the environment of which consisted of user satisfaction, government regulations, technology support characteristics, industry characteristics and market structure. Based on both quantitative and qualitative results, four quadrant of ISSM maturity were presented. These quadrants were then organized to construct the ISSM maturity model. The research contributes to the body of knowledge in twofolds: practically and academically whereby (i) the research contributed to the development of theoretically-based ISSM maturity model for SMI/E involved in the e-Commerce, and (ii) the research justified the theoretical consideration (based on the selected IS theory, IS framework, IS model and IS factors) which formed the conceptual research framework of this thesis. This research has successfully answered all research questions where it deduced the ISSM maturity factors and described the relationship between identified factors, hence conclusively build the ISSM maturity model.

    Item Type: Thesis (PhD)
    Additional Information: Thesis (Ph.D.) – Faculty of Computer Science and Information Technology, University Malaya, 2014
    Uncontrolled Keywords: Information systems security management maturity model
    Subjects: Q Science > Q Science (General)
    T Technology > T Technology (General)
    Divisions: Faculty of Computer Science & Information Technology
    Depositing User: Mrs Nur Aqilah Paing
    Date Deposited: 05 Feb 2015 11:05
    Last Modified: 05 Feb 2015 11:11

    Actions (For repository staff only : Login required)

    View Item