Information Security Management Practices in the organizations (ISMP)

The research problem, research question, research objectives, research approach, and thesis structure were discussed in this thesis along with a discussion of the deficiency of current literature on ISMP as well as the background information on the topic. We also reviewed academic and professional literature, which included a critical analysis of existing frameworks and models that were developed to assist organizations in developing an effective information security program. According to a review of the existing ISM literature concerning ISMP guidance, three deficiencies were identified. As a result of this research project, organizations will be provided with comprehensive, coherent, and empirically tested guidance on ISMPs, by addressing the deficiencies identified in previous research. The specific objectives of the research were to respond to the research questions regarding the provision of coherent, comprehensive information security management guidance to organizations and ultimately to improve information security management effectiveness. To accomplish this, the researcher had to identify and address the gaps found in the literature and examine research methods to determine their suitability for this research. In order to be a mature researcher, he has understood the importance of choosing the right type of research approach for the research questions. To develop the preliminary research framework, he discovered the importance of conducting a literature review and synthesizing the knowledge regarding ISMPs. Furthermore, since this topic is sensitive and might expose participants to risks, ethical approaches were also of utmost importance.