Abstract
Japanese companies, particularly ones with many employees, are proactively working on information security management for personal information protection and risk management. In addition to such efforts, many companies are also strengthening management control by enhancing internal control and cost-cutting such as overtime restrictions. While necessary, such control must be based on the situations of individual workplaces or it could damage employees' morale and performance. This paper empirically analyzes the organizational effect of information security management on Japanese companies based on questionnaire survey to office workers. And some implications for information security management are proposed.
