A conceptual model and empirical assessment of HR security risk management. (8th July 2019)
- Record Type:
- Journal Article
- Title:
- A conceptual model and empirical assessment of HR security risk management. (8th July 2019)
- Main Title:
- A conceptual model and empirical assessment of HR security risk management
- Authors:
- Kumah, Peace
Yaokumah, Winfred
Okai, Eric Saviour Aryee - Abstract:
- Abstract : Purpose: This study aims to develop a conceptual model and assess the extent to which pre-, during- and post-employment HR security controls are applied in organizations to manage information security risks. Design/methodology/approach: The conceptual model is developed based on the agency theory and the review of theoretical, empirical and practitioner literature. Following, empirical data are collected through a survey from 134 IT professionals, internal audit personnel and HR managers working within five major industry sectors in a developing country to test the organizational differences in pre-, during- and post-employment HR security measures. Findings: Using analysis of variance, the findings reveal significant differences among the organizations. Financial institutions perform better in employee background checks, terms and conditions of employment, management responsibilities, security education, training and awareness and disciplinary process. Conversely, healthcare institutions outperform other organizations in post-employment security management. The government public institutions perform the worst among all the organizations. Originality/value: An integration of a conceptual model with HR security controls is an area that is under-researched and under-reported in information security and human resource management literature. Accordingly, this research on HR security management contributes to reducing such a gap and adds to the existing HR securityAbstract : Purpose: This study aims to develop a conceptual model and assess the extent to which pre-, during- and post-employment HR security controls are applied in organizations to manage information security risks. Design/methodology/approach: The conceptual model is developed based on the agency theory and the review of theoretical, empirical and practitioner literature. Following, empirical data are collected through a survey from 134 IT professionals, internal audit personnel and HR managers working within five major industry sectors in a developing country to test the organizational differences in pre-, during- and post-employment HR security measures. Findings: Using analysis of variance, the findings reveal significant differences among the organizations. Financial institutions perform better in employee background checks, terms and conditions of employment, management responsibilities, security education, training and awareness and disciplinary process. Conversely, healthcare institutions outperform other organizations in post-employment security management. The government public institutions perform the worst among all the organizations. Originality/value: An integration of a conceptual model with HR security controls is an area that is under-researched and under-reported in information security and human resource management literature. Accordingly, this research on HR security management contributes to reducing such a gap and adds to the existing HR security risk management literature. It, thereby, provides an opportunity for researchers to conduct comparative studies between developed and developing nations or to benchmark a specific organization's HR security management. … (more)
- Is Part Of:
- Information and computer security. Volume 27:Number 3(2019)
- Journal:
- Information and computer security
- Issue:
- Volume 27:Number 3(2019)
- Issue Display:
- Volume 27, Issue 3 (2019)
- Year:
- 2019
- Volume:
- 27
- Issue:
- 3
- Issue Sort Value:
- 2019-0027-0003-0000
- Page Start:
- 411
- Page End:
- 433
- Publication Date:
- 2019-07-08
- Subjects:
- Information security -- Agency theory -- Security education -- Background check -- Computer training -- HR security risk management -- Personnel security -- Human resource security -- Conditions of employment -- Management responsibilities -- Training and awareness -- Disciplinary process
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-05-2018-0057 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 10916.xml