Browse > Article
http://dx.doi.org/10.7838/jsebs.2011.16.1.133

A Study on Factors Affecting the Level of Information Security Governance in Korea Government Institutions and Agencies  

Song, Jeong-Seok (중앙대학교 경영경제대학)
Jeon, Min-Jun (중앙대학교 경영학과)
Choi, Myeong-Gil (중앙대학교 경영경제대학)
Publication Information
The Journal of Society for e-Business Studies / v.16, no.1, 2011 , pp. 133-151 More about this Journal
Abstract
To solidate information security, Korea government introduces information security governance. The public institutions and agencies in korea have begun to recognize the importance of information security governance. For solidating information security governance, the government has tried to establish and solidate an information security policy and information security systems. This study suggests factors affecting the level of information security governance in the public agencies and institutions through the factor analysis and the linear regression analysis. The results of this study show that the CEO's support is able to elevate the level of information security governance. The level of information security governance has relation with the number of the staff in information departments, and the budget in the public agencies and the institutions. This study provides directions for the public agencies and the institution for elevating the levels of information security governance.
Keywords
Government; Security Governance; Information Security; Information Security Management Systems;
Citations & Related Records
Times Cited By KSCI : 5  (Citation Analysis)
연도 인용수 순위
1 Jeff Smith, H. S., Milberg, J. S., Burke, J., "Information Privacy : Measuring Individuals' Concerns about Organizational Practices," MIS Quarterly, Vol. 20, No. 2, 1996, pp. 167-196.   DOI   ScienceOn
2 Swindle O. and Coner B., "The Link Between Information Security and Corporate governance," May 2004.
3 Symon, V., "A Review of Information Systems Evaluation : Content, Context and Process," Journal of Information Systems, Vol. 1, No. 3, 1991, pp. 205-212.   DOI
4 Whitman M. E. and Mattford H. J, "Principles of Information Security," Course Technology, 2003, pp. 153-90.
5 William, "Information Governance," Information Security Technical Report, Vol. 6, No. 3, 2001, pp. 60-70.   DOI   ScienceOn
6 ISO17799, "A Code of Practice for Information Security," 2005.
7 ITGI, "Information Security Governance, Guidance for Boards of Directors and Executive Management, 2nd Ed., IT Governance Institute, Rolling Meadows, IL, 2006.
8 B. Ives and Learmouth, G. P., "The Information Systems as a Competitive Weapon," Communications of the ACM, Vol. 27, No. 12, 1984, pp. 586-603.
9 Joshi, K., "The Measurement of Fairness or Equity Perceptions of Management Information Systems Users," MIS Quarterly, Vol. 13, No. 3, 1989, pp. 343-358.   DOI   ScienceOn
10 Maria Karyda, Evangelos Kiountouzis, and Spyros Kokolakis, "Information Systems Security Polices : a Contextual Perspectives," Computers and Security, Vol. 24, No. 3, 2004, pp. 246-260.
11 National Cyber Security Summit Task Force, Information Security Governance : a Call to Action, Corporate Governance Task Force Report, April, CS1/05-0047, available at www.technet.org/resources/IfoSecGov4_04.pdf.
12 Birman, "KP, The Next-Generation Internet : Unsafe at Any Speed," IEEE Computer, Vol. 30, No. 8, 2000, pp. 54-60.
13 Solm, B., "Information Security_The Forth Wave," Computers and Security, Vol. 25, 2006, pp. 165-168.   DOI   ScienceOn
14 Allen J. H. and Westby, J. R., "Governing for Enterprise Security (GES) : Implementation Guide, Article 1 : Characteristics of Effective Security Governance," White Paper, Carnegie Mellon University, Pittsbugh, P.A.
15 Beatty, R. C., Shim, J. P., and Jones, M. C., "Factors Influencing Corporate Web Site Adoption : a Time-Based Assessment," Information and Management Vol. 38, 2001, pp. 337-354.   DOI   ScienceOn
16 Corporate Governance Task Force, "Information Security Governance : a Call to Action," April 2004.
17 Faily S. and Fle'chais, I., "Designing and Aligning e-Science Security Culture with Design," Information Management and Computer Security, Vol. 18, No. 5, 2010.
18 Fulford, H. and Doherty, N. F., "The Application of Information Security Policies in Large UK-based Organizations : an Exploratory Investgation," Information Management and Computer Security, Vol. 11, No. 3, 2003, pp. 106-114.   DOI   ScienceOn
19 김정덕 외 1인, "정보보호 거버넌스 이슈 및 연구과제", 정보보호학회지, 제17권, 제4호, 2007, pp. 2-8.
20 Huang, S.-M., Lee, C. L., and Kao, A. C., "Balancing Performance Measures for Information Security Management: a Balanced Scorecard Framework," Industrial Management and Data Systems, Vol. 106, No. 2, 2006, pp. 242-255.   DOI   ScienceOn
21 김정덕, 이경석, "ISO/IEC JTC1 SC27의 정보보호관리 국제표준화 동향", 정보보호학회지, 제18권, 제4호, 2008, pp. 1-4.
22 김지숙 외 2인, "민간기업과 공공기관의 정보보호 관리체계 차이 비교", 한국정보보호학회논문지, 제20권, 제2호, 2010, pp. 117-129.
23 최명길 외 1인, "정보보호 패러다임 변화 및 정보보호동향에 대한 고찰", 한국정보보호학회논문지, 제17권, 제4호, 2007, pp. 12-17.
24 최명길 외 2인, "정보보호정책 성숙도 수준에 영향을 미치는 요인에 관한 연구", 한국정보보호학회논문지, 제18권, 제3호, 2008, pp. 131-142.
25 한국정보보호진흥원, "ISMS 인증제도 소개", 2007, pp. 6-19.
26 한근희, "전자정부 정보보호관리체계(GISMS) 적용 정책", 한국정보보호학회논문지, 제19권, 제5호, 2009, pp. 119-131.
27 Ahmad Abu-Musa, "Information Security Governance in Saudi Organizations : An Empirical Study," Information Management and Computer Security, Vol. 18, No. 4, 2010, pp. 226-276.   DOI   ScienceOn
28 Ahmad Abu-Musa, "Exploring Information Technology Governance in Developing Countries : An Empirical Study", The International Journal of Digital Accounting Research, Vol. 7, No. 13, 2007, pp. 71-117.