 Integrating Knowledge Management into Information Security: From Audit to PracticeCheuk Hang Au and
Walter S. L. Fung
International Journal of Knowledge Management (IJKM), 2019, vol. 15, issue 1, 37-52 Abstract: Repeated information security (InfoSec) incidents have harmed the confidence of people on enterprises' InfoSec capability. While most organisations adopt control frameworks such as ISO27001 and COBIT, the role and contribution of knowledge management on InfoSec was inadequately considered. The authors integrated the concepts of knowledge-centric information security and IT Governance (ITG) into an ITG-driven knowledge framework (ITGKF) for reinforcing InfoSec maturity and auditability of enterprises. The authors also tried to assess whether ITG can embrace proper knowledge circulation within the InfoSec community. The authors confirmed the positive influence of IT governance on knowledge-centric information security (KCIS) and information security maturity and audit result (ISMAR), the positive influence of KCIS on ISMAR, and the mediating role of KCIS between ITG and ISMAR. These indicated the significance of KM in InfoSec area. Based on the findings, they proposed possible changes of integrating KM in different InfoSec practices and audit standard. Date: 2019 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:igg:jkm000:v:15:y:2019:i:1:p:37-52 Access Statistics for this article International Journal of Knowledge Management (IJKM) is currently edited by Hakikur Rahman More articles in International Journal of Knowledge Management (IJKM) from IGI Global |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.