Welcome to the InfoSci Platform
Reference Hub9
Integrating Knowledge Management into Information Security: From Audit to Practice

Integrating Knowledge Management into Information Security: From Audit to Practice

Cheuk Hang Au, Walter S. L. Fung
Copyright: © 2019 |Volume: 15 |Issue: 1 |Pages: 16
ISSN: 1548-0666|EISSN: 1548-0658|EISBN13: 9781522564102|DOI: 10.4018/IJKM.2019010103
Cite Article Cite Article

MLA

Au, Cheuk Hang, and Walter S. L. Fung. "Integrating Knowledge Management into Information Security: From Audit to Practice." IJKM vol.15, no.1 2019: pp.37-52. http://doi.org/10.4018/IJKM.2019010103

APA

Au, C. H. & Fung, W. S. (2019). Integrating Knowledge Management into Information Security: From Audit to Practice. International Journal of Knowledge Management (IJKM), 15(1), 37-52. http://doi.org/10.4018/IJKM.2019010103

Chicago

Au, Cheuk Hang, and Walter S. L. Fung. "Integrating Knowledge Management into Information Security: From Audit to Practice," International Journal of Knowledge Management (IJKM) 15, no.1: 37-52. http://doi.org/10.4018/IJKM.2019010103

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Repeated information security (InfoSec) incidents have harmed the confidence of people on enterprises' InfoSec capability. While most organisations adopt control frameworks such as ISO27001 and COBIT, the role and contribution of knowledge management on InfoSec was inadequately considered. The authors integrated the concepts of knowledge-centric information security and IT Governance (ITG) into an ITG-driven knowledge framework (ITGKF) for reinforcing InfoSec maturity and auditability of enterprises. The authors also tried to assess whether ITG can embrace proper knowledge circulation within the InfoSec community. The authors confirmed the positive influence of IT governance on knowledge-centric information security (KCIS) and information security maturity and audit result (ISMAR), the positive influence of KCIS on ISMAR, and the mediating role of KCIS between ITG and ISMAR. These indicated the significance of KM in InfoSec area. Based on the findings, they proposed possible changes of integrating KM in different InfoSec practices and audit standard.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.