Perceived significance of information security governance to predict the information security service quality in software service industry

2014 ◽  
Vol 22 (1) ◽  
pp. 2-23 ◽  
Author(s):  
Sanjay Bahl ◽  
O.P. Wali
Keyword(s):  
Information Security ◽  
Service Quality ◽  
Significant Finding ◽  
Total Quality ◽  
Content Type ◽  
Security Governance ◽  
Security Service ◽  
Information Security Governance ◽  
Software Services

Purpose – Information security is a growing concern in society, across businesses and government. As the offshore IT services market continues to grow providing numerous benefits, there are also perceived risks with respect to the quality of information security delivered in the supply chain. This paper aims to examine, as a case, the perceptions of Indian software services provider (service provider) employees with respect to information security governance and its impact on information security service quality that is delivered to customers. Design/methodology/approach – The paper provides a framework built upon the existing dimensions and instruments for total quality management and service quality, suitably modified to reflect the context of information security. SmartPLS, a structural equation modelling technique, has been used to analyse field survey data collected from across various Indian cities and companies. Findings – Significant finding is that information security governance in an IT outsourcing company providing software services has a highly significant impact on the information security service quality, which can be predicted. The paper also establishes that there is a positive relationship collectively between elements of information security governance and information security service quality. Research limitations/implications – Since data used in this study were taken solely from the responses of employees of outsourced service companies in India, it does not show if this translates into service improvements as perceived by the customer. Practical implications – Information security governance should be made an integral part of corporate governance and is an effective strategic technique, if software outsourcing business enterprises want to achieve a competitive edge, provide client satisfaction and create trust. Originality/value – The paper presents empirical data validation of the connection between information security governance and quality of service.

Evaluating the total quality and its role in measuring consumer satisfaction with e-healthcare services using the 5Qs model: a structure equation modeling approach

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Prachi Verma ◽  
Satinder Kumar ◽  
Sanjeev K. Sharma
Keyword(s):  
Service Quality ◽  
Consumer Satisfaction ◽  
Healthcare Service ◽  
Healthcare Services ◽  
Public Hospitals ◽  
Equation Modeling ◽  
Total Quality ◽  
Content Type ◽  
Quality Perceptions

PurposeThis article initially aims to explore the factors of every quality construct of the 5Qs model of service quality and, second, identify the significant factors affecting the total quality of e-healthcare services and its association with consumer satisfaction using a multidimensional hierarchical 5Qs model of e-healthcare service quality.Design/methodology/approachQuestionnaire-oriented research was performed at three public hospitals of Punjab and Chandigarh. In total, 53 variables were covered in all quality constructs for data collection from the designated public hospitals. The respondents who agreed to have knowledge regarding e-Healthcare services and were availing these services were included in the study. The analysis comprised structural equation modeling technique using AMOS 21.FindingsThe outcomes suggest that the 5Qs model is more comprehensive and can be used to evaluate service quality perceptions using e-Healthcare services. The research identified 11 sub-dimensions for the five quality constructs of the 5Qs model, representing total quality, which is primary to consumer satisfaction. “Overall objectivity” and “technical objectivity” defined the quality of object. The quality of process of e-Healthcare services was characterized by “functionality,” “timeliness” and “responsiveness.” Quality of infrastructure was defined by “technical infrastructure,” “physical infrastructure,” “manpower skills” and “organizational infrastructure.” “Manner of interaction” and “timely interaction” defined the quality of interaction. The atmosphere was represented by only one factor. The results also suggest that quality of infrastructure, quality of interaction and quality of atmosphere play the most significant role in total quality leading to consumer satisfaction.Research limitations/implicationsTheoretical implications: The multidimensional hierarchical model will help the researchers study the e-Healthcare service quality in a more organized manner, and the outcomes of this study can be linked with that of future studies for more generalized application in other public hospitals. The sub-dimensions of each quality construct of the 5Qs model can be applied in private hospitals, and the hierarchical model can be tested in different industries to measure service quality perceptions of the consumerPractical implicationsThe outcomes of the study can be applied in various public sector hospitals to redesign the e-Healthcare services based on consumers' perception for better consumer satisfaction and quality services. This paper identifies the role of each quality construct in e-Healthcare services for improvement in the total quality, which in turn will lead to higher satisfaction for the consumers.Originality/valueIn this study, the original 5Qs model has been used for the first time in a new instrument to understand better and design quality e-Healthcare services. The paper explores the sub-factors of each quality construct and its significance in measuring the total quality.

Information security governance for e-services in southern African developing countries e-Government projects

2016 ◽  
Vol 7 (1) ◽  
pp. 26-42 ◽  
Author(s):  
Avinash Ramtohul ◽  
K.M.S. Soyjaudah
Keyword(s):  
Information Security ◽  
Emerging Economies ◽  
Security Policy ◽  
Software Integration ◽  
Security Measures ◽  
Content Type ◽  
Security Governance ◽  
Single Sign On ◽  
Information Security Governance ◽  
The Government

Purpose – Highly sensitive information pertaining to citizens and government transactions is processed in an electronic format, making information security a critical part of e-Government applications and architectures. Information security measures should ideally span from authentication to authorisation and from logical/physical access control to auditing of electronic transactions and log books. The lack of such measures compromises confidentiality, integrity and availability of information. Today, most e-Government projects in developing countries in Southern Africa Developing Community (SADC) face challenges in two main areas, namely, information security and application software integration. This paper aims to discuss and analyse the information security requirements for e-Government projects and proposes an information security governance model for service-based architectures (SBAs). Design/methodology/approach – The current state of information security in emerging economies in SADC countries was researched. The main problems identified were the lack of software integration and information security governance, policy and administration. The design consists of three basic layers: information security governance defined at the strategic level of the government; information security policy/management defined at the management/operational level; and information security measures, implemented at the technical level. This section also proposes a policy for implementing public key infrastructures to protect information, transactions and e-services. A Token-Ring-based mechanism for implementing Single-Sign-On has also been developed as part of this study. Findings – The main problems identified were the lack of software integration and information security governance, policy and administration. These challenges are causing e-government projects to stagnate. Practical implications – The proposed approach for implementing information security in e-Government systems will ensure a holistic approach to ensuring confidentiality, integrity and non-repudiation, allowing e-Government maturity to progress from “interaction” to “online transaction” stage in emerging economies. Originality/value – Research has not focused on developing a solution for emerging economies which are facing difficulties in integration software applications to deploy end-to-end e-services and to produce an underlying identity management architecture and information security governance to secure the e-services developed and deployed using an SBA. The work produced in this paper is specific to SBAs in e-government environments where legacy systems already exist. The work includes: information security governance defined at the strategic level of the government; information security policy/management defined at the management/operational level; and information security measures implemented at the technical level. This section also proposes a policy for implementing public key infrastructures to protect information, transactions and e-services. A Token-Ring-based mechanism for implementing Single-Sign-On has also been developed as part of this study.

Organizational objectives for information security governance: a value focused assessment

2015 ◽  
Vol 23 (2) ◽  
pp. 122-144 ◽  
Author(s):  
Sushma Mishra
Keyword(s):  
Information Security ◽  
Value Theory ◽  
Individual Values ◽  
Content Type ◽  
Security Governance ◽  
Comprehensive List ◽  
A Value ◽  
Value Focused Thinking ◽  
Information Security Governance ◽  
Organizational Security

Purpose – The purpose of this study is to develop theoretically grounded and empirically derived organizational security governance (OSG) objectives. Developing organizational security governance (OSG) objectives pose significant challenges for organizations considering the ever-increasing vulnerability from lack of or misuse of appropriate controls. In recent years, there have been several cases of colossal losses to businesses due to inadequate security governance measure. In many cases, organizations do not even know as to what their ISG objectives might be. Following an extensive empirical study, this paper proposes 6 fundamental and 17 means objectives for designing security governance. The objectives were developed from individual values of information technology and security executives across a wide range of firms. The study comprised 52 interview respondents across 9 firms, which resulted in 23 OSG objectives. Theoretically, the study was grounded in Catton’s (1959) value theory and Keeney’s (1992) value-focused thinking. The objectives provide a useful basis for strategic planning for information security governance. Design/methodology/approach – This research is grounded in value-focused thinking methodology. Step 1: develop a comprehensive list of personal values underlying the problem being explored. The researcher undertakes extensive interviews, using relevant probes, to elicit underlying values of respondents. Step 2: change the values enlisted to a common form and convert them into objectives. The data collected in Step 1 is collated and presented in a common form, which enables cross-comparison and easy interpretation. Step 3: classify the objectives as means and fundamental for the decision context. Objectives are clustered into groups and then classified into fundamental and means. Findings – This study uses a value-focused approach to develop OSG objectives. Incorporating individual values in developing governance objectives would facilitate alignment of individual and organizational values about OSG. This study proposes 6 fundamental and 17 means objectives for OSG. The study provides a comprehensive list of OSG that is rooted in values of stakeholders in an organization. Originality/value – The main contributions study can be classified in two categories. First, it represents a collective set of OSG objectives which touch upon technical, formal, informal, moral and ethical dimensions of governance. This is a unique, synthesized and cohesive framework for OSG, which incorporates several aspects of OSG into one platform, thus allowing the development of a comprehensive security management program. Second, some of the objectives developed in this research (“establish corporate control strategy”, “establish punitive structure”, “establish clear control development process”, “ensure formal control assessment functionality” and “maximize group cohesiveness”) have not been emphasized enough in security governance literature.

What do we know about information security governance?

2020 ◽  
Vol 28 (2) ◽  
pp. 261-292 ◽  
Author(s):  
Stef Schinagl ◽  
Abbas Shahim
Keyword(s):  
Information Security ◽  
Decision Makers ◽  
Business Climate ◽  
Privacy And Security ◽  
Content Type ◽  
Security Governance ◽  
Body Of Knowledge ◽  
Information Security Governance ◽  
New Research ◽  
Practical Implications

Purpose This paper aims to review the information security governance (ISG) literature and emphasises the tensions that exist at the intersection of the rapidly changing business climate and the current body of knowledge on ISG. Design/methodology/approach The intention of the authors was to conduct a systematic literature review. However, owing to limited empirical papers in ISG research, this paper is more conceptually organised. Findings This paper shows that security has shifted from a narrow-focused isolated issue towards a strategic business issue with “from the basement to the boardroom” implications. The key takeaway is that protecting the organisation is important, but organizations must also develop strategies to ensure resilient businesses to take advantage of the opportunities that digitalization can bring. Research limitations/implications The concept of DSG is a new research territory that addresses the limitations and gaps of traditional ISG approaches in a digital context. To this extent, organisational theories are suggested to help build knowledge that offers a deeper understanding than that provided by the too often used practical approaches in ISG research. Practical implications This paper supports practitioners and decision makers by providing a deeper understanding of how organisations and their security approaches are actually affected by digitalisation. Social implications This paper helps individuals to understand that they have increasing rights with regard to privacy and security and a say in what parties they assign business to. Originality/value This paper makes a novel contribution to ISG research. To the authors’ knowledge, this is the first attempt to review and structure the ISG literature.

Information security governance implementation within Ghanaian industry sectors

2014 ◽  
Vol 22 (3) ◽  
pp. 235-250 ◽  
Author(s):  
Winfred Yaokumah
Keyword(s):  
Information Security ◽  
Business Strategy ◽  
Oil And Gas ◽  
Sampling Strategy ◽  
Content Type ◽  
Security Governance ◽  
Utility Companies ◽  
Information Security Governance ◽  
And Performance ◽  
Industry Sectors

Purpose – The purpose of this study is to assess the levels of information security governance (ISG) implementation among major Ghanaian industry sectors. The intent is to benchmark inter-industry sector ISG implementation and to identify areas that may require improvement. Design/methodology/approach – Random sampling strategy was used, and data were collected via Web survey. The data analysis utilized a one-way analysis of variance to determine the differences in means of the levels of implementation of ISG focus areas among five main industry sectors. Findings – The results showed that, as a whole, all the industry sectors have only partially implemented ISG. In particular, there existed statistical significant differences in ISG implementation among the industry sectors. Ranking ISG implementation, Financial Institutions were close to completion, Utility Companies, Others (Information Technology, Oil and Gas, Manufacturing) and Public Services had PI ISG and health care and educational institutions were at the planning stages. The result also revealed that all the industry sectors made marginal effort trying to align information security to business strategy, and performance measurement remained the least implemented focus area. Originality/value – Organizational leaders could use these findings to benchmark industry sectors’ ISG implementation, which could lead to competitiveness. Again, international enterprises that do businesses with these industry sectors would better understand the level of involvement of the top executives in governing information security toward the protection of valuable information assets.

ISO 9001 and the public service: an investigation of the effect of the QMS on the quality of public service organizations

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Jorge Armando López-Lemus
Keyword(s):  
Public Sector ◽  
Service Quality ◽  
Public Service ◽  
Public Services ◽  
The State ◽  
Iso 9001 ◽  
Knowledge Generation ◽  
Content Type ◽  
The Public

Purpose The purpose of this paper is to identify the influence exerted by a quality management system (QMS) under ISO 9001: 2015 on the quality of public services organizations in Mexico. Design/methodology/approach The methodological design was quantitative, explanatory, observational and transversal, for which a sample of 461 public servants from the state of Guanajuato, Mexico was obtained. To test the hypotheses, a structural equation model (SEM) was developed through the statistical software Amos v.21. For the analysis of the data, software SPSS v.21 was used. Regarding the goodness and adjustment indices of the SEM (χ2 = 720.09, df = 320, CFI = 0.933, TLI = 0.926 and RMSEA = 0.05) which, therefore, proved to be acceptable. Findings According to the results obtained through the SEM model, the QMS under ISO 9001: 2015 is positively and significantly influenced tangible aspects (β1 = 0.79, p < 0.01), reliability (β2 = 0.90, p < 0.01), related to response quality (β3 = 0.93, p < 0.01), guarantees (β4 = 0.91, p < 0.01) and empathy (β5 = 0.88, p < 0.01) of the quality related to public services in Mexico. The study’s key contribution is that it discovered that implementing a QMS in accordance with the ISO 9001: 2015 standard has an impact on the quality of public services, with the most influential quality of response. Similarly, the assurance and dependability of service quality turned out to be important in providing public service quality. Research limitations/implications In this paper, the QMS was only evaluated as a variable that intervenes in the process of obtaining quality in public service under the ISO 9001 standard in its 2015 version. In this regard, the results’ trustworthiness is limited to the extent that the findings may be generalized in the state of Guanajuato, Mexico’s public service. As a result, the scientific community is left primarily focused on service quality to promote new future research. Practical implications The ISO 9001: 2015 standard’s QMS is one of the tools for success in both the commercial and government sectors. However, there are practical limitations, which focus on the time during which managers exercise their vision in the public sector: first, the dynamics that managers play in public policy; second, the length of time they have served in public office; and third, the interest of directors of public institutions to improve the quality of service provided by the government. Other practical consequences concern organizational culture and identity, public servant commitment, senior management or secretaries of government, as well as work and training. Originality/value The findings of this paper are important and valuable because they foster knowledge generation in the public sector through the ISO 9000 quality area. A model that permits the adoption and implementation of a QMS based on the ISO 9001: 2015 standard in public organizations that seek to provide quality in their services offered to the user is also presented to the literature. Similarly, the paper is important because there is currently insufficient research focusing on the variables examined in the context of public service in Mexico.

Service journey quality: conceptualization, measurement and customer outcomes

2021 ◽  
Vol 32 (6) ◽  
pp. 1-27
Author(s):  
Elina Jaakkola ◽  
Harri Terho
Keyword(s):  
Service Quality ◽  
Service Delivery ◽  
Customer Loyalty ◽  
Financial Services ◽  
Three Dimensions ◽  
Service Research ◽  
Research Approach ◽  
Critical Determinant ◽  
Content Type

PurposeThe quality of the customer journey has become a critical determinant of successful service delivery in contemporary business. Extant journey research focuses on the customer path to purchase, but pays less attention to the touchpoints related to service delivery and consumption that are key for understanding customer experiences in service-intensive contexts. The purpose of this study is to conceptualize service journey quality (SJQ), develop measures for the construct and study its key outcomes.Design/methodology/approachThe study uses a discovery-oriented research approach to conceptualize SJQ by synthesizing theory and field-based insights from customer focus group discussions. Next, using consumer survey data (N = 278) from the financial services context, the authors develop measures for the SJQ. Finally, based on an additional survey dataset (N = 239), the authors test the nomological validity and predictive relevance of the SJQ.FindingsSJQ comprises of three dimensions: (1) journey seamlessness, (2) journey personalization and (3) journey coherence. This study demonstrates that SJQ is a critical driver of service quality and customer loyalty in contemporary business. This study finds that the loyalty link is partially mediated through service quality, indicating that SJQ explains loyalty above and beyond service quality.Research limitations/implicationsSince service quality only partially mediates the link between service journey quality and customer loyalty, future studies should examine alternative mediators, such as customer experience, for a more comprehensive understanding of the performance effects.Practical implicationsThe study offers concrete tools for service managers who wish to understand and develop the quality of service journeys.Originality/valueThis study advances the service journey concept, demonstrates that the quality of the service journey is a critical driver of customer performance and provides rigorous journey constructs for future service research.

Identifying the gaps between customer expectations and perceptions on service quality dimensions of Islamic banks in Malaysia

2015 ◽  
Vol 7 (4) ◽  
pp. 424-441 ◽  
Author(s):  
Rafikul Islam ◽  
Selim Ahmed ◽  
Dzuljastri Abdul Razak
Keyword(s):  
Service Quality ◽  
Age Groups ◽  
Educational Background ◽  
Islamic Banking ◽  
Islamic Banks ◽  
Content Type ◽  
Customer Expectations ◽  
Banking Service ◽  
Significant Difference

Purpose – This paper aims to identify the gaps and differences between customer expectations and perceptions on service quality of Islamic banks in Malaysia based on six dimensions of service quality, namely, reliability, responsiveness, assurance, empathy, tangibles and Islamic Shari’ah compliance. Design/methodology/approach – This study surveyed 179 customers who have first-hand experience with Islamic banking services in Malaysia. The research data were analysed using reliability analysis, independent samples t-test and one-way analysis of variance. Findings – The results indicated that customers’ perceptions failed to meet their expectations on the service quality of Islamic banks in Malaysia. The results also indicated that those customers (respondents) aged below 30 years have higher expectations on empathy from the Islamic banking service compared to other age groups. However, there is no significant difference between customer expectations and perceptions of Islamic banking service quality based on educational background and occupation. Research limitations/implications – This research focused solely on Islamic banks in Malaysia and thus the results might not be applicable for other conventional banks. Originality/value – The findings are expected to provide guidelines for enhancing the satisfaction level of clients of the Islamic banking system in Malaysia and other countries.

Sign in / Sign up

Export Citation Format

Share Document