Information security management system implementation success factors: a review

Abstract

Information Security Management System (ISMS) is an information security compliance standards implemented in organization to provide specifications and controls for protecting information assets and to increase the integrity and confidence of clients over the respective organization. The cognizance in preserving and securing the critical information has led many organization to adopt ISMS. The objective of this study is to review and identify success factors that could influence the ISMS self-implementation in organizations. Based on twenty most relevant and recent studies, ten factors are extracted which can be considered important in the ISMS implementation. In particular, staff awareness and training and top management support are found to be the most crucial factors in determining the successful implementation of ISMS and the rating of the importance for both factors are almost equal. All factors identified can be hypothesized to influence the successful implementation of ISMS in organization thus all factors identified can be further evaluated empirically by both qualitative and quantitative methodology.