Critical Success Factors for an Effective Security Risk Management Program: An Exploratory Case Study
Jason A. Williams,
Humayun Zafar and
Saurabh Gupta
Additional contact information
Jason A. Williams: Augusta University, USA
Humayun Zafar: Kennesaw State University, USA
Saurabh Gupta: Kennesaw State University, USA
International Journal of Information Security and Privacy (IJISP), 2026, vol. 20, issue 1, 1-18
Abstract:
This paper evaluates the perceived effectiveness of the security risk management (SRM) programs at a Fortune 500 firm. Layers of management and staff participated in the study. Perceived effectiveness of their SRM programs was based on nine critical success factors (CSFs). Interviews confirmed six initial CSFs (Executive Management Support, Organizational Maturity, Open Communication, Risk Management Stakeholders, Team Member Empowerment, and Holistic View of an Organization) that were extracted from the literature. They were confirmed and synthesized with three additional CSFs (Security Maintenance, Corporate Security Strategy, and Human Resource Development). Implications for SRM are discussed.
Date: 2026
References: Add references at CitEc
Citations:
Downloads: (external link)
https://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJISP.404388 (application/pdf)
Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX
RIS (EndNote, ProCite, RefMan)
HTML/Text
Persistent link: https://EconPapers.repec.org/RePEc:igg:jisp00:v:20:y:2026:i:1:p:1-18
Access Statistics for this article
International Journal of Information Security and Privacy (IJISP) is currently edited by Yassine Maleh
More articles in International Journal of Information Security and Privacy (IJISP) from IGI Global Scientific Publishing
Bibliographic data for series maintained by Journal Editor ().