Continuous improvement of information security management: an organisational learning perspective

Continuous improvement of information security management: an organisational learning perspective

This study explores ways to empower organisations to continuously improve their information security management (ISM). Drawing upon the dynamic capabilities approach, we investigated the mechanism wherein absorptive capacity has an effect. We found that absorptive capacity affects an organisation�...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:European journal of information systems 2023-11, Vol.ahead-of-print (ahead-of-print), p.1-22
Hauptverfasser: Ghahramani, Fereshteh, Yazdanmehr, Adel, Chen, Daniel, Wang, Jingguo
Format: Artikel
Sprache:eng
Schlagworte:
absorptive capacity
adaptability
competitive pressure
continuous improvement
dynamic capabilities
Information security management
strategic flexibility
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This study explores ways to empower organisations to continuously improve their information security management (ISM). Drawing upon the dynamic capabilities approach, we investigated the mechanism wherein absorptive capacity has an effect. We found that absorptive capacity affects an organisation's continuous improvement of ISM, with its effect mediated through an organisation's adaptability to information security threats. In addition, the effect of absorptive capacity on adaptability is contingent upon the organisation's competitive pressure, which enhances the mediating effect of adaptability. We tested our research model using survey data collected from 130 US-based managers familiar with information security management in their organisations. Theoretical and practical implications of the study are discussed.
ISSN:0960-085X
1476-9344
DOI:10.1080/0960085X.2022.2096491