The role of skills, processes and technology in information security risk management
Peace Kumah,
Winfred Yaokumah and
Kwame Okwabi Asante-Offei
International Journal of Business Continuity and Risk Management, 2024, vol. 14, issue 4, 392-412
Abstract:
Managing security resources can be challenging as it is easy to apply too much, too little, or even the wrong security measures, leading to excessive spending and a failure to mitigate risk adequately. This quantitative study analyses the role of security resources (including skills, processes, and technology) in risk management. The study employed a random sampling strategy to collect data from five major industry sectors and conducted a web survey. Three multiple regression analyses were then performed to evaluate the relative significance of skills, processes, and technology in risk assessment and analysis within risk management practices. The results demonstrate that skills, processes, and technology account for 79.9% of the variation in risk assessment, 77.7% in risk analysis, and 85% in overall risk management. Skills and processes played the most significant roles in all models compared to technology. Therefore, organisations should prioritise security skills and processes to improve risk management practices. This study provides a model for examining the importance of security resource management in risk management practices, enhancing our understanding of the security resources that contribute significantly to effective risk management.
Keywords: information security; security resource management; skills; processes; technology; risk management; risk assessment; risk analysis. (search for similar items in EconPapers)
Date: 2024
References: Add references at CitEc
Citations:
Downloads: (external link)
http://www.inderscience.com/link.php?id=142654 (text/html)
Access to full text is restricted to subscribers.
Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX
RIS (EndNote, ProCite, RefMan)
HTML/Text
Persistent link: https://EconPapers.repec.org/RePEc:ids:ijbcrm:v:14:y:2024:i:4:p:392-412
Access Statistics for this article
More articles in International Journal of Business Continuity and Risk Management from Inderscience Enterprises Ltd
Bibliographic data for series maintained by Sarah Parker ().