Will the Certification System for Information Security Management Help to Improve Organizations’ Information Security Performance? The Case of K-ISMS

Abstract

Statistical Analysis: In this study, based on prior studies dealing with the goal and evaluation items of ISMS certification, we developed a model to measure the performance of ISMS certification, using the SERVQUAL models, which are service evaluation models. Also, we carried out a survey of organizations that have acquired the certification in order to prove the model’s validity and suggest ways to develop ISMS certification. Findings: In the present study, we found that investment and concern in security can influence organisational security performance based on prior research, and developed survey items for performance measurement by acquisition of ISMS certification. We conducted surveys of organisations that required ISMS certification and tried to find some factors recognisable as a performance of ISMS certification. The result of the experiment was that factors influencing security performance are responsiveness and specialty. Application/ Improvements: Future research is increased ISMS certified company in accordance with the satisfaction and effectiveness of the ISMS certified company improved through systematic empirical and hope enhance the overall security level.