| dc.contributor.author | Pérez González, Daniel | |
| dc.contributor.author | Trigueros Preciado, Sara | |
| dc.contributor.author | Solana-González, Pedro | |
| dc.contributor.other | Universidad de Cantabria | es_ES |
| dc.date.accessioned | 2019-12-11T12:31:50Z | |
| dc.date.available | 2019-12-11T12:31:50Z | |
| dc.date.issued | 2019 | |
| dc.identifier.issn | 0959-3845 | |
| dc.identifier.uri | http://hdl.handle.net/10902/17465 | |
| dc.description.abstract | ABSTRACT: Purpose
The purpose of this paper is to expand current knowledge about the security organizational practices and analyze its effects on the information security management performance.
Design/methodology/approach
Based on the literature review, the authors propose a research model together with hypotheses. The survey questionnaires were developed to collect data, which then validated the measurement model. The authors collected 111 responses from CEOs at manufacturing small- and medium-sized enterprises (SMEs) that had already implemented security policies. The hypothesized relationships were tested using the structural equation model approach with EQS 6.1 software.
Findings
Results validate that information security knowledge sharing, information security education and information security visibility, as well as security organizational practices, have a positive effect on the information security management performance.
Research limitations/implications
The consideration of organizational aspects of information security should be taken into account by academics, practitioners and policymakers in SMEs. Besides, the work helps validate novel constructs used in recent research (information security knowledge sharing and information security visibility).
Practical implications
The authors extend previous works by analyzing how security organizational practices affect the performance of information security. The results suggest that an improved performance of information security in the industrial SMEs requires innovative practices to foster knowledge sharing among employees.
Originality/value
The literature recognizes the need to develop empirical research on information security focused on SMEs. Besides the need to identify organizational practices that improve information security, this paper empirically investigates SMEs' organizational practices in the security of information and analyzes its effects on the performance of information security. | es_ES |
| dc.format.extent | 20 p. | es_ES |
| dc.language.iso | eng | es_ES |
| dc.publisher | Emerald Publishing Limited | es_ES |
| dc.rights | © Emerald | es_ES |
| dc.source | Information Technology & People, Vol. 32 No. 5, pp. 1262-1275 | es_ES |
| dc.subject.other | Security organizational practices | es_ES |
| dc.subject.other | Information security knowledge sharing | es_ES |
| dc.subject.other | Information security visibility | es_ES |
| dc.subject.other | Information security education | es_ES |
| dc.subject.other | Performance of information security management | es_ES |
| dc.subject.other | SMEs | es_ES |
| dc.title | Organizational practices as antecedents of the information security management performance | es_ES |
| dc.type | info:eu-repo/semantics/article | es_ES |
| dc.rights.accessRights | openAccess | es_ES |
| dc.identifier.DOI | 10.1108/ITP-06-2018-0261 | |
| dc.type.version | acceptedVersion | es_ES |
