Journal of the Japan Society for Management Information
Online ISSN : 2435-2209
Print ISSN : 0918-7324
Article
Effect of Requirements of the ISO/IEC 27001 to the Rationalization of Unauthorized Bringing-out of Information
Akira EGUCHI, Mina RYOKE
JOURNAL FREE ACCESS

2021 Volume 30 Issue 2 Pages 89-104

Abstract

There have been many reports of information being released without permission. The purpose of this paper is to demonstrate how the rationalization of unauthorized bringing-out of information can be suppressed, from the perspective of the “awareness” requirements of ISO/IEC 27001, by using the fraud triangle theory. We consider that three latent variables, namely “policy”, “contribution”, and “effects of non-compliance”, exhibit the effect of suppressing the rationalization of unauthorized bringing-out of information. We constructed a model to test our hypotheses and performed covariance structure analysis and multiple-group covariance structure analysis based on questionnaire survey data. Our sample consists of member groups of an organization with and without ISO/IEC 27001 certification. As a result, we partially confirmed our hypotheses and found that the requirements whose perception should be improved differed from group to group.

© 2021 The Japan Society for Management Information