• PDF / 305,746 Bytes
• 15 Pages / 595.276 x 790.866 pts Page_size
• 5 Downloads / 205 Views

DOWNLOAD

REPORT

ORIGINAL ARTICLE

Information Security Management (ISM) Practices: Lessons from Select Cases from India and Germany Abhishek Narain Singh • Arnold Picot • Johann Kranz • M. P. Gupta • Amitabh Ojha

Received: 3 August 2013 / Accepted: 15 October 2013 / Published online: 1 November 2013  Global Institute of Flexible Systems Management 2013

Abstract The increasing dependence of businesses over information and the changing ways of information usage with modern IT/ICT tools and mediums, have created an unavoidable need of information security in organizations. Earlier, the technical measures were used to fulfill this need; however, it has been realized that technology alone is unable to address the challenges of information security management (ISM) in organizations. Management and behavioral aspects are pivotal to build an ISM system in organizations. This paper makes an attempt to understand and examine the current ISM practices of two large size, global IT and management services and consulting organizations, one from India and another from Germany. In a case design, the study adopts qualitative research route

and semi-structured interviews were conducted across hierarchy in both the organizations. Observations from interviews are portrayed using descriptive analysis methodology. Further, to draw learning from the cases, SAPLAP method of inquiry was used to understand the present status of ISM practices in both the organizations. Finally, the paper discusses the implications of the findings and scope for the future research. Keywords Information security
Information security management (ISM)
SAP-LAP
Case study

Introduction A. N. Singh (&)
M. P. Gupta Department of Management Studies, Indian Institute of Technology Delhi, Vishwakarma Bhawan, Shaheed Jeet Singh Marg, Hauz Khas, New Delhi 110016, India e-mail: [email protected] M. P. Gupta e-mail: [email protected] A. Picot Institute for Information, Organization, and Management, Ludwig-Maximilians-University, 80539 Munich, Germany e-mail: [email protected] J. Kranz Management Information Systems and Methods, University of Go¨ttingen, 37073 Go¨ttingen, Germany e-mail: [email protected] A. Ojha Research Design and Standards Organization, Ministry of Railway, Government of India, Lucknow 226011, Uttar Pradesh, India e-mail: [email protected]

The day-to-day increasing usage of IT/ICT tools to conduct various business processes in modern organizations has created an alarming need to secure the business information and related assets. With the changing ways of information interaction, the nature of risks and threats has also changed. In the global networked environment, organizational boundaries have become blurred, thus increasing the challenges for information security (Chaturvedi et al. 2011). In its 2012 Global Information Security Survey, Ernst and Young highlighted the gaps in ISM practices worldwide, as: alignment with the business; adequate resources with the right skills and training; processes and architecture; and, new and evolving

Recommend Documents

Lessons in Sustainable Development from Bangladesh and India

168 15 4MB

Information Security Practices Emerging Threats and Perspectives

173 56 3MB

Management Education in India Perspectives and Practices

321 61 2MB

Spirituality in Management Insights from India

184 69 3MB

Tyrosinemia: a report of three cases from India

137 80 98KB

Financial Crisis Management and Democracy Lessons from Europe an

211 101 6MB

Practices in Power System Management in India

207 39 4MB

Standardization in information security management

163 45 68KB

Lessons from the past

187 27 439KB

Lessons from Marx

185 2 1MB

Lessons from Steve Jobs

156 64 7MB

Lessons from Coral Reefs

179 18 184KB