期刊论文详细信息
Journal of Governance and Regulation
FACTORIAL INVARIANCE OF AN INFORMATION SECURITY CULTURE ASSESSMENT INSTRUMENT FOR MULTINATIONAL ORGANISATIONS WITH OPERATIONS ACROSS DATA PROTECTION JURISDICTIONS
关键词: Information Security;    Information Security Culture;    Factorial Invariance;    Structural Equation Modelling;    Data Protection;    Privacy;    Maturity;    South Africa;    United Kingdom;   
DOI  :  10.22495/jgr_v4_i1_p4
学科分类:社会科学、人文和艺术(综合)
来源: Virtus Interpress
PDF
【 摘 要 】

An information security culture is influenced by various factors, one being regulatory requirements. The United Kingdom (UK) has been regulated through the UK Data Protection Act since 1995, whereas South Africa (SA) only promulgated the Protection of Personal Information Act (PoPI) in 2013. Both laws stipulate requirements from an information security perspective with regard to the processing of personal information, however in the UK this has been regulated for a longer period. Consequently, it is to be expected that the information security culture for organisations in the UK will be significantly different from that of SA. This raises the question as to whether the same information security culture assessment (ISCA) instrument could be used in an organisation with offices in both jurisdictions, and whether it might be necessary to customise it according the particular country’s enforcement of information security and privacy-related conditions. This is reviewed, firstly from a theoretical perspective, and secondly a factorial invariance analysis was conducted in a multinational organisation with offices in both the UK and SA, using data from an ISCA questionnaire, to determine possible factorial invariances in terms of the ISCA.

【 授权许可】

CC BY-NC   

【 预 览 】
附件列表
Files Size Format View
RO201904027997430ZK.pdf 880KB PDF download
  文献评价指标  
  下载次数:19次 浏览次数:29次