Information assets security requirement: The relationship between confidentiality and availability of information assets in ICT outsourcing

Information Communication Technology (ICT) Outsourcing provides an effective ways to cut cost and improve efficiency in ICT services. However, the strategy could invite some risks including information security risk. Therefore, fundamental concepts of information security requirements such as confid...

Full description

Saved in:
Bibliographic Details
Published in2012 IEEE Colloquium on Humanities, Science and Engineering (CHUSER) pp. 193 - 197
Main Authors Khidzir, N. Z., Mohamed, A., Arshad, N. H. H.
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.12.2012
Subjects
Availability
Confidentiality
ICT Outsourcing
Information Asset
Information Security Requirement
Online AccessGet full text

Cover

More Information
Summary:Information Communication Technology (ICT) Outsourcing provides an effective ways to cut cost and improve efficiency in ICT services. However, the strategy could invite some risks including information security risk. Therefore, fundamental concepts of information security requirements such as confidentiality, integrity and availability for information assets involved in ICT outsourcing cycle need to be identified extensively to ensure these information assets are secure from security risks. Hence, the main objective of this research is to conduct an empirical study on relationship between information assets confidentiality and availability in ICT outsourcing. Questionnaires were distributed to 300 private companies from various industry and government agencies in Malaysia for the study. Findings reveal that the higher the confidentiality level, the higher the availability level of the information assets. However, the findings revealed dissimilar relationship strength between confidentiality and availability of information assets in ICT outsourcing phases. Strong positive relationship exists between confidentiality and availability in Selection of Service Provider and On-going Monitoring phase. But, moderate positive relationship exists in Analysis of Decision to Outsource and Contract Management phases. Based from these findings, organization could improve their plan and practices in managing information assets and to urgently address information security risks in ICT outsourcing project implementation.
ISBN:1467346152
9781467346153
DOI:10.1109/CHUSER.2012.6504309