摘要
为了探讨由企业高层管理团队推动的制度化是否可以提高信息安全管理有效性这一问题,本研究以国内通过信息安全管理体系认证的企业为调研对象开展问卷调查,采用PLS-SEM进行实证检验。研究发现:信息安全意识水平越高,高管支持(包括高管信念和高管参与两个维度)的程度越高,企业信息安全管理越有效;高管信念的强化,有助于提高信息安全制度中履行和内化的水平;制度化中的履行水平越高,企业信息安全管理越有效。本研究明确了企业内部提高信息安全管理有效性的路径,对于企业如何从制度视角推动信息安全管理实践具有重要的现实意义。
With increasing dependence on information technology and information system,enterprises are confronting with a more and more complicated information security environment.Thus,information security has become an intractable problem for many enterprises.Generally speaking,there are two methods to improve enterprises’information security level,that is,technology and management means.Technology means mainly settle software and hardware security of computers and networks,while management means mainly regulate and restrain the entire enterprise system including software,hardware,and employees.At present,a lot of enterprises mostly employ the technology means to solve information security problems.However,the lack or imperfection of information security institutions leads to bad enterprise information security situation.Therefore,technology and management means to solve information security are complementary to each other.As such,it is urgent and necessary to establish and improve information security institutions for many enterprises.In fact,enterprise information security is a complicated activity which needs different sectors to get involved in.More specifically,the information security departments play the very critical role in the implementation of information security institutions,and all employees should comply with the information security policy.Therefore,only the top management teams have the ability to coordinate the relationship between different departments,determine the introduction of information technology,and deploy the information systems.In response,top management support has an important impact on the construct of information security institutions and the effectiveness of information security management.So far,few studies have investigated the mechanism that how top management support affects information security legitimation,and legitimation information security management.Therefore,it has great theoretical and practical significance to the exploration of whether the legitimation supported by top m
作者
董坤祥
谢宗晓
甄杰
林润辉
Dong Kunxiang;Xie Zongxiao;Zhen Jie;Lin Runhui(School of Management Science and Engineering, Shandong University of Finance and Economics, Ji 'nan 250014, China;China Financial Certification Authority, Beij'ing 100054, China;School of Business Planning, Chongqing Technology and Business University, Chongqing 400067, China;Business School, Nankai University, Tianjin 300071, China)
出处
《外国经济与管理》
CSSCI
北大核心
2018年第5期113-126,共14页
Foreign Economics & Management
基金
国家社会科学基金青年项目(17CGL019)
国家自然科学基金面上项目(71672123)
重庆市基础科学与前沿技术研究项目(cstc2017jcyj AX0441)
重庆市社会科学规划项目(2017QNGL55)
重庆市教委人文社会科学研究项目(17SKG097)
重庆工商大学校内科研项目(1751030)
山东省自然科学基金(ZR2017BG010)
关键词
高管支持
信息安全意识
制度化
信息安全管理有效性
top management support
information security awareness
legitimation
effectiveness of information security management
