Abstract
Information security management (ISM) has emerged as a major challenge to sustainable management of companies that highly rely on information technology (IT). To achieve organizational sustainability for managing assets, it is critical for all members of the organization to be assimilated into ISM. An important consideration of ISM assimilation is sustainable IT capabilities. However, so far, there are limited empirical studies on ISM assimilation, particularly those focusing on importance of the organization’s sustainable IT capabilities. Therefore, this study proposes three sustainable IT capabilities (viz., IT infrastructure, IT business spanning capability, and IT proactive stance) with their antecedents based on the existing research, and attempts to empirically prove the impact of these sustainable IT capabilities on ISM assimilation for sustainable management of assets. Additionally, this study proposes policy-to-technology balance as a moderator on the relationships between the three sustainable IT capabilities and ISM assimilation to examine the impact of the non-technical aspect. Responses from 232 upper-management-level employees at various firms currently implementing ISM were collected. Structural equation analysis was run using AMOS 22.0. The results show that the three sustainable IT capabilities were found to have a positive effect on ISM. Furthermore, policy-to-technology balance was found to strengthen the relationship between two IT capabilities (IT infrastructure and IT business spanning capability) and ISM assimilation. However, it emerges that the policy-to-technology balance does not impact IT proactive stance and assimilation. The findings provide meaningful information for future research on sustainable IT capabilities and ISM along with key guidance for the organization to establish a complementary strategy for sustainable assets.
Highlights
Several present-day businesses rely heavily on information technology (IT) as a crucial tool to ensure productivity and efficiency across their activities
We evaluated the first-order measurement model based on several analyses, including overall fitness, individual item loading, composite reliability (CR), average variance extracted (AVE), and Cronbach’s alpha to demonstrate the validity and reliability and to determine if any modification was needed
The results demonstrated the overall fitness of the first-order variables because the value of all indices (χ2/df = 1.674, normal fit index (NFI) = 0.949, goodness-of-fit index (GFI) = 0.937, adjusted goodness-of-fit index (AGFI) = 0.901, comparative fit index (CFI) = 0.958, and root mean square error of approximation (RMSEA) = 0.041) exceeded the threshold (χ2/df < 1.674, NFI, GFI, and CFI ≥ 0.90, AGFI ≥ 0.80, RMSEA ≤ 0.05)
Summary
Several present-day businesses rely heavily on information technology (IT) as a crucial tool to ensure productivity and efficiency across their activities. While adoption of a wide range of information technologies has resulted in higher productivity and efficiency, companies are constantly exposed to security risks, which pose a potential threat to the organization’s sustainability [2]. Focusing on the ISM to maintain a higher level of business sustainability. This is because security risks, that is, the risk of loss of integrity, privacy, or accessibility of information in any form due to ineffectual management or unplanned events, are likely to cause tremendous damages, both tangible and intangible, such as a decline in corporate brand value, a decrease in corporate credibility, and financial damage [6]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
