Loading…
An assessment of critical success factors in information security implementation in organizations in Ghana
Purpose This paper aims to identify the critical success factors in improving information security in Ghanaian firms. Design/methodology/approach Through an exploratory study of both public and private Ghanaian organizations. The study relied on a research model based on the technology–organization–...
Saved in:
| Published in: | Information and computer security 2024-11, Vol.32 (5), p.573-597 |
|---|---|
| Main Authors: | , , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | cdi_FETCH-LOGICAL-c264t-8acf36cc0e3db93fd8923064a753f483221e14c6dfb196032947305fe6e0063c3 |
| container_end_page | 597 |
| container_issue | 5 |
| container_start_page | 573 |
| container_title | Information and computer security |
| container_volume | 32 |
| creator | Nterful, Joshua Adam, Ibrahim Osman Alhassan, Muftawu Dzang Abdul-Salam, Abdallah Gbambegu Umar, Abubakar |
| description | Purpose
This paper aims to identify the critical success factors in improving information security in Ghanaian firms.
Design/methodology/approach
Through an exploratory study of both public and private Ghanaian organizations. The study relied on a research model based on the technology–organization–environment (TOE) framework and a survey instrument to collect data from 525 employees. The data was analyzed using partial least squares-structural equation modeling (PLS-SEM).
Findings
The findings confirm the role of the technological, organizational and environmental contexts as significant determinants in the implementation of information security in Ghanaian organizations. Results from PLS-SEM analysis demonstrated a positive correlation between the technology component of information security initiative, organization’s internal efforts toward its acceptance and a successful implementation of information security in Ghanaian firms. Top management support and fund allocation among others will result in positive information security initiatives and positive attitudes toward securing the organization’s information assets.
Research limitations/implications
The authors discussed the implications of the authors’ findings for research, practice and policy.
Social implications
The results of this study will be useful for both governmental and non-governmental organizations in terms of best practices for increasing information security. Results from this study will aid organizations in developing countries to better understand their information security needs and identify the necessary procedures to address them.
Originality/value
This study contributes to filling the knowledge gap in organizational information security research and the TOE framework. Despite the TOE framework being one of the most influential theories in contemporary research of information system domains in an organizational context, there is not enough research linking the domains of information security and the TOE model. |
| doi_str_mv | 10.1108/ICS-11-2022-0174 |
| format | article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_crossref_primary_10_1108_ICS_11_2022_0174</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>3129457885</sourcerecordid><originalsourceid>FETCH-LOGICAL-c264t-8acf36cc0e3db93fd8923064a753f483221e14c6dfb196032947305fe6e0063c3</originalsourceid><addsrcrecordid>eNptkcFLwzAUh4MoOHR3jwHPde8lbdoex9A5GHhQwVvI0kQ72mYm7WH-9aarCIIQyMvj-17IL4TcINwhQrHYrJ4TxIQBYwlgnp6RGYNMJGmZv53_1gIvyTyEPQBgiYILnJH9sqMqBBNCa7qeOku1r_taq4aGQevYp1bp3vlA6y4u63yr-tp1NBg9RPRI6_bQmNGe-hFz_l119dfpfPLWH6pT1-TCqiaY-c9-RV4f7l9Wj8n2ab1ZLbeJZiLtk0Jpy4XWYHi1K7mtipJxEKnKM27TgjOGBlMtKrvDUgBnZZpzyKwRBkBwza_I7TT34N3nYEIv927wXbxScox0lhdFFimYKO1dCN5YefB1q_xRIsgxVBlDjYUcQ5VjqFFZTEp8rVdN9Z_x5xv4N8ALePs</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3129457885</pqid></control><display><type>article</type><title>An assessment of critical success factors in information security implementation in organizations in Ghana</title><source>Library & Information Science Abstracts (LISA)</source><source>Emerald:Jisc Collections:Emerald Subject Collections HE and FE 2024-2026:Emerald Premier (reading list)</source><source>Alma/SFX Local Collection</source><creator>Nterful, Joshua ; Adam, Ibrahim Osman ; Alhassan, Muftawu Dzang ; Abdul-Salam, Abdallah ; Gbambegu Umar, Abubakar</creator><creatorcontrib>Nterful, Joshua ; Adam, Ibrahim Osman ; Alhassan, Muftawu Dzang ; Abdul-Salam, Abdallah ; Gbambegu Umar, Abubakar</creatorcontrib><description>Purpose
This paper aims to identify the critical success factors in improving information security in Ghanaian firms.
Design/methodology/approach
Through an exploratory study of both public and private Ghanaian organizations. The study relied on a research model based on the technology–organization–environment (TOE) framework and a survey instrument to collect data from 525 employees. The data was analyzed using partial least squares-structural equation modeling (PLS-SEM).
Findings
The findings confirm the role of the technological, organizational and environmental contexts as significant determinants in the implementation of information security in Ghanaian organizations. Results from PLS-SEM analysis demonstrated a positive correlation between the technology component of information security initiative, organization’s internal efforts toward its acceptance and a successful implementation of information security in Ghanaian firms. Top management support and fund allocation among others will result in positive information security initiatives and positive attitudes toward securing the organization’s information assets.
Research limitations/implications
The authors discussed the implications of the authors’ findings for research, practice and policy.
Social implications
The results of this study will be useful for both governmental and non-governmental organizations in terms of best practices for increasing information security. Results from this study will aid organizations in developing countries to better understand their information security needs and identify the necessary procedures to address them.
Originality/value
This study contributes to filling the knowledge gap in organizational information security research and the TOE framework. Despite the TOE framework being one of the most influential theories in contemporary research of information system domains in an organizational context, there is not enough research linking the domains of information security and the TOE model.</description><identifier>ISSN: 2056-4961</identifier><identifier>EISSN: 2056-497X</identifier><identifier>DOI: 10.1108/ICS-11-2022-0174</identifier><language>eng</language><publisher>Bingley: Emerald Publishing Limited</publisher><subject>Best practice ; Confidentiality ; Data analysis ; Data collection ; Data integrity ; Design factors ; Developing countries ; Hypotheses ; Industrialized nations ; Information management ; Information systems ; LDCs ; Literature reviews ; Malware ; NGOs ; Nongovernmental organizations ; Organizational aspects ; R&D ; Research & development ; Security ; Security management ; Security systems ; Statistical analysis ; Success factors ; System theory ; Technology adoption ; Technology assessment</subject><ispartof>Information and computer security, 2024-11, Vol.32 (5), p.573-597</ispartof><rights>Emerald Publishing Limited</rights><rights>Emerald Publishing Limited.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c264t-8acf36cc0e3db93fd8923064a753f483221e14c6dfb196032947305fe6e0063c3</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925,34135</link.rule.ids></links><search><creatorcontrib>Nterful, Joshua</creatorcontrib><creatorcontrib>Adam, Ibrahim Osman</creatorcontrib><creatorcontrib>Alhassan, Muftawu Dzang</creatorcontrib><creatorcontrib>Abdul-Salam, Abdallah</creatorcontrib><creatorcontrib>Gbambegu Umar, Abubakar</creatorcontrib><title>An assessment of critical success factors in information security implementation in organizations in Ghana</title><title>Information and computer security</title><description>Purpose
This paper aims to identify the critical success factors in improving information security in Ghanaian firms.
Design/methodology/approach
Through an exploratory study of both public and private Ghanaian organizations. The study relied on a research model based on the technology–organization–environment (TOE) framework and a survey instrument to collect data from 525 employees. The data was analyzed using partial least squares-structural equation modeling (PLS-SEM).
Findings
The findings confirm the role of the technological, organizational and environmental contexts as significant determinants in the implementation of information security in Ghanaian organizations. Results from PLS-SEM analysis demonstrated a positive correlation between the technology component of information security initiative, organization’s internal efforts toward its acceptance and a successful implementation of information security in Ghanaian firms. Top management support and fund allocation among others will result in positive information security initiatives and positive attitudes toward securing the organization’s information assets.
Research limitations/implications
The authors discussed the implications of the authors’ findings for research, practice and policy.
Social implications
The results of this study will be useful for both governmental and non-governmental organizations in terms of best practices for increasing information security. Results from this study will aid organizations in developing countries to better understand their information security needs and identify the necessary procedures to address them.
Originality/value
This study contributes to filling the knowledge gap in organizational information security research and the TOE framework. Despite the TOE framework being one of the most influential theories in contemporary research of information system domains in an organizational context, there is not enough research linking the domains of information security and the TOE model.</description><subject>Best practice</subject><subject>Confidentiality</subject><subject>Data analysis</subject><subject>Data collection</subject><subject>Data integrity</subject><subject>Design factors</subject><subject>Developing countries</subject><subject>Hypotheses</subject><subject>Industrialized nations</subject><subject>Information management</subject><subject>Information systems</subject><subject>LDCs</subject><subject>Literature reviews</subject><subject>Malware</subject><subject>NGOs</subject><subject>Nongovernmental organizations</subject><subject>Organizational aspects</subject><subject>R&D</subject><subject>Research & development</subject><subject>Security</subject><subject>Security management</subject><subject>Security systems</subject><subject>Statistical analysis</subject><subject>Success factors</subject><subject>System theory</subject><subject>Technology adoption</subject><subject>Technology assessment</subject><issn>2056-4961</issn><issn>2056-497X</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>F2A</sourceid><recordid>eNptkcFLwzAUh4MoOHR3jwHPde8lbdoex9A5GHhQwVvI0kQ72mYm7WH-9aarCIIQyMvj-17IL4TcINwhQrHYrJ4TxIQBYwlgnp6RGYNMJGmZv53_1gIvyTyEPQBgiYILnJH9sqMqBBNCa7qeOku1r_taq4aGQevYp1bp3vlA6y4u63yr-tp1NBg9RPRI6_bQmNGe-hFz_l119dfpfPLWH6pT1-TCqiaY-c9-RV4f7l9Wj8n2ab1ZLbeJZiLtk0Jpy4XWYHi1K7mtipJxEKnKM27TgjOGBlMtKrvDUgBnZZpzyKwRBkBwza_I7TT34N3nYEIv927wXbxScox0lhdFFimYKO1dCN5YefB1q_xRIsgxVBlDjYUcQ5VjqFFZTEp8rVdN9Z_x5xv4N8ALePs</recordid><startdate>20241120</startdate><enddate>20241120</enddate><creator>Nterful, Joshua</creator><creator>Adam, Ibrahim Osman</creator><creator>Alhassan, Muftawu Dzang</creator><creator>Abdul-Salam, Abdallah</creator><creator>Gbambegu Umar, Abubakar</creator><general>Emerald Publishing Limited</general><general>Emerald Group Publishing Limited</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>E3H</scope><scope>F2A</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>20241120</creationdate><title>An assessment of critical success factors in information security implementation in organizations in Ghana</title><author>Nterful, Joshua ; Adam, Ibrahim Osman ; Alhassan, Muftawu Dzang ; Abdul-Salam, Abdallah ; Gbambegu Umar, Abubakar</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c264t-8acf36cc0e3db93fd8923064a753f483221e14c6dfb196032947305fe6e0063c3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Best practice</topic><topic>Confidentiality</topic><topic>Data analysis</topic><topic>Data collection</topic><topic>Data integrity</topic><topic>Design factors</topic><topic>Developing countries</topic><topic>Hypotheses</topic><topic>Industrialized nations</topic><topic>Information management</topic><topic>Information systems</topic><topic>LDCs</topic><topic>Literature reviews</topic><topic>Malware</topic><topic>NGOs</topic><topic>Nongovernmental organizations</topic><topic>Organizational aspects</topic><topic>R&D</topic><topic>Research & development</topic><topic>Security</topic><topic>Security management</topic><topic>Security systems</topic><topic>Statistical analysis</topic><topic>Success factors</topic><topic>System theory</topic><topic>Technology adoption</topic><topic>Technology assessment</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Nterful, Joshua</creatorcontrib><creatorcontrib>Adam, Ibrahim Osman</creatorcontrib><creatorcontrib>Alhassan, Muftawu Dzang</creatorcontrib><creatorcontrib>Abdul-Salam, Abdallah</creatorcontrib><creatorcontrib>Gbambegu Umar, Abubakar</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>Library & Information Sciences Abstracts (LISA)</collection><collection>Library & Information Science Abstracts (LISA)</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Information and computer security</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Nterful, Joshua</au><au>Adam, Ibrahim Osman</au><au>Alhassan, Muftawu Dzang</au><au>Abdul-Salam, Abdallah</au><au>Gbambegu Umar, Abubakar</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>An assessment of critical success factors in information security implementation in organizations in Ghana</atitle><jtitle>Information and computer security</jtitle><date>2024-11-20</date><risdate>2024</risdate><volume>32</volume><issue>5</issue><spage>573</spage><epage>597</epage><pages>573-597</pages><issn>2056-4961</issn><eissn>2056-497X</eissn><abstract>Purpose
This paper aims to identify the critical success factors in improving information security in Ghanaian firms.
Design/methodology/approach
Through an exploratory study of both public and private Ghanaian organizations. The study relied on a research model based on the technology–organization–environment (TOE) framework and a survey instrument to collect data from 525 employees. The data was analyzed using partial least squares-structural equation modeling (PLS-SEM).
Findings
The findings confirm the role of the technological, organizational and environmental contexts as significant determinants in the implementation of information security in Ghanaian organizations. Results from PLS-SEM analysis demonstrated a positive correlation between the technology component of information security initiative, organization’s internal efforts toward its acceptance and a successful implementation of information security in Ghanaian firms. Top management support and fund allocation among others will result in positive information security initiatives and positive attitudes toward securing the organization’s information assets.
Research limitations/implications
The authors discussed the implications of the authors’ findings for research, practice and policy.
Social implications
The results of this study will be useful for both governmental and non-governmental organizations in terms of best practices for increasing information security. Results from this study will aid organizations in developing countries to better understand their information security needs and identify the necessary procedures to address them.
Originality/value
This study contributes to filling the knowledge gap in organizational information security research and the TOE framework. Despite the TOE framework being one of the most influential theories in contemporary research of information system domains in an organizational context, there is not enough research linking the domains of information security and the TOE model.</abstract><cop>Bingley</cop><pub>Emerald Publishing Limited</pub><doi>10.1108/ICS-11-2022-0174</doi><tpages>25</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 2056-4961 |
| ispartof | Information and computer security, 2024-11, Vol.32 (5), p.573-597 |
| issn | 2056-4961 2056-497X |
| language | eng |
| recordid | cdi_crossref_primary_10_1108_ICS_11_2022_0174 |
| source | Library & Information Science Abstracts (LISA); Emerald:Jisc Collections:Emerald Subject Collections HE and FE 2024-2026:Emerald Premier (reading list); Alma/SFX Local Collection |
| subjects | Best practice Confidentiality Data analysis Data collection Data integrity Design factors Developing countries Hypotheses Industrialized nations Information management Information systems LDCs Literature reviews Malware NGOs Nongovernmental organizations Organizational aspects R&D Research & development Security Security management Security systems Statistical analysis Success factors System theory Technology adoption Technology assessment |
| title | An assessment of critical success factors in information security implementation in organizations in Ghana |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T11%3A02%3A05IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20assessment%20of%20critical%20success%20factors%20in%20information%20security%20implementation%20in%20organizations%20in%20Ghana&rft.jtitle=Information%20and%20computer%20security&rft.au=Nterful,%20Joshua&rft.date=2024-11-20&rft.volume=32&rft.issue=5&rft.spage=573&rft.epage=597&rft.pages=573-597&rft.issn=2056-4961&rft.eissn=2056-497X&rft_id=info:doi/10.1108/ICS-11-2022-0174&rft_dat=%3Cproquest_cross%3E3129457885%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c264t-8acf36cc0e3db93fd8923064a753f483221e14c6dfb196032947305fe6e0063c3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=3129457885&rft_id=info:pmid/&rfr_iscdi=true |