Perceived significance of information security governance to predict the information security service quality in software service industry An empirical analysis

摘要

Purpose - Information security is a growing concern in society, across businesses and government. As the offshore IT services market continues to grow providing numerous benefits, there are also perceived risks with respect to the quality of information security delivered in the supply chain. This paper aims to examine, as a case, the perceptions of Indian software services provider (service provider) employees with respect to information security governance and its impact on information security service quality that is delivered to customers. Design/methodology/approach - The paper provides a framework built upon the existing dimensions and instruments for total quality management and service quality, suitably modified to reflect the context of information security. SmartPLS, a structural equation modelling technique, has been used to analyse field survey data collected from across various Indian cities and companies. Findings - Significant finding is that information security governance in an IT outsourcing company providing software services has a highly significant impact on the information security service quality, which can be predicted. The paper also establishes that there is a positive relationship collectively between elements of information security governance and information security service quality. Research limitations/implications - Since data used in this study were taken solely from the responses of employees of outsourced service companies in India, it does not show if this translates into service improvements as perceived by the customer. Practical implications - Information security governance should be made an integral part of corporate governance and is an effective strategic technique, if software outsourcing business enterprises want to achieve a competitive edge, provide client satisfaction and create trust. Originality/value - The paper presents empirical data validation of the connection between information security governance and quality of service.