A Study of Factors Affecting Information System Security Outsourcing

• Main Authors: Yu-Chia Chan, 詹育嘉
• Other Authors: Jinsheng Roan
• Format: Others
• Language: zh-TW
• Published: 2005
• Online Access: http://ndltd.ncl.edu.tw/handle/38061121043557424778

碩士 === 國立中正大學 === 資訊管理學系 === 93 === Under the pressure of global competition, numerous of organizations have started to implement information system/technology (IS/IT) and Internet applications to reach their business objectives. The more those enterprises rely on information systems and technologies to conduct their commercial operation, the severer and more complicated they will face the challenges of information system security. Thus, the reliability and effectiveness of the information system have become the primary concern of the enterprises. Outsourcing IS security is one of the options to protect information assets. With the pervasive practices of IS/IT outsourcing, what are the safety factors and outcomes for the enterprises that utilize IS/IT outsourcing has become the target of this research. This study examines the relationship between the degree of IS security outsourcing and the success of the outsourcing, and the effects of partnership, service quality, and IS outsourcing experiences on this relationship. Based on the data analysis, we found the followings: 1. The degree of IS security outsourcing is not significantly affected by the sizes of the companies and that of the MIS departments. 2. The degree of IS security outsourcing is not significantly related to the effectiveness of IS security outsourcing. 3. Both Service quality and IS outsourcing experiences are positive intervening variables in the above relationship. 4. Partnership is positively correlated with the sizes of the companies and that of the MIS departments regardless the levels of IS security outsourcing experiences. The implication of this study suggests that for the companies who considering provide the services of IS security services, should target their strategies according to the risk factor of the organization. Enterprises that can bear higher risks may seek outsourcing their IS security functions, but they also must emphasize the partnerships between two parties to establish a ‘win-win information partnership.’