系统管理学报 ›› 2019, Vol. 28 ›› Issue (5): 846-856.DOI: 10.3969/j.issn.1005-2542.2019.05.006

• 管理信息系统 • 上一篇    下一篇

高管支持对信息安全绩效的影响——探讨制度化过程的中介效应

甄杰1 ,谢宗晓2,陈琳3,林润辉2   

  1. 1.重庆工商大学,重庆 400067 2. 南开大学商学院,天津 3000713.山东科技大学公共管理系,山东青岛 266590
  • 出版日期:2019-09-28 发布日期:2019-11-02
  • 作者简介:甄杰(1986-),男,博士,讲师。研究方向为行为信息安全。
  • 基金资助:
    国家自然科学基金资助项目(7113200171672123

Impact of Top Management Support on Information Security Performance: A Exploration into the Mediating Role of Institutionalization

ZHEN Jie1, XIE Zongxiao2, CHEN Lin3, LIN Runhui2   

  1. 1. Chongqing Technology and Business University, Chongqing 400067, China; 2. Business School, Nankai University, Tianjin 300071, China; 3. Department of Public Administration, Shandong University of Science and Technology, Qingdao 266590, Shandong, China
  • Online:2019-09-28 Published:2019-11-02

摘要: 基于高阶理论和新制度理论探讨了高管支持、制度化过程(包括识别、履行和内化3个维度)与信息安全绩效之间的关系。以国内通过信息安全管理体系认证(ISO/IEC 27001)的148家企业为调研对象开展问卷调查,采用Smart PLS 3.0SPSS 22.0Process插件进行统计分析和中介效应检验。结果表明,高管支持对信息安全绩效以及制度化过程的识别、履行和内化有显著正向影响;识别和履行对信息安全绩效有显著正向影响,并且在高管支持与信息安全绩效关系中起多重中介效应。研究结论对企业如何借助高管支持来推动信息安全制度化过程,进而提高企业信息安全绩效有重要管理启示。

甄杰,谢宗晓,陈琳,等. 高管支持对信息安全绩效的影响——探讨制度化过程的中介效应[J]. 系统管理学报,2019,28(5):846-856.

关键词: 高管支持, 制度化, 信息安全绩效

Abstract: Based on the upper echelons theory and the neo-institutional theory, this paper explored the relationship between top management support, institutionalization, and information security performance. A questionnaire survey was conducted among 148 enterprises which had passed the certification of information security management system ISO/IEC 27001, and Smart PLS 3.0 and Bootstrap method of SPSS 22.0 were used for statistical analysis and mediation effect test. The results show that top management support has a positive effect on information security performance, identification, implementation, and internalization while identification and implementation have a positive effect on information security performance. In addition, top management support affects information security performance via the mediating effect of identification and implementation. The findings have important management implications for enterprises on the promotion of the process of information security institutionalization with the  top management support and the improvement of information security performance via institutionalization.

Key words: top management support, institutionalization, information security performance

中图分类号: