文摘
Security incidents resulting from human error or subversive actions have caused major financial losses, reduced business productivity or efficiency, and threatened national security. Some research suggests that information system security frameworks lack emphasis on human involvement as a significant cause for security problems in a rapidly changing information technology environment. The purpose of this case study was to discover central themes that can shape the future for information security management, governance, and laws in the federal government. The theoretical foundation for the study was derived from McGregor's X and Y theory principles. The research questions focused on ranking ways to synchronize information system security management, governance, and legal actions to form the most efficacious model possible. A survey that contained 40 core themes drawn from empirical research in the information system security field was administered to a purposive sample of 100 federal government managers to assess their level of agreement with each practice. Categorical analysis of survey data were used to compare patterns of responses to theoretical principles in order to propose practices and controls needed to motivate employees to achieve organizational goals and objectives. The categorized results highlighted 13 principles that addressed strengthening strategic planning, policy development, human management, training and education, and standardization now and in the future. This study contributes to positive social change by informing methods of human resource management that can increase the efficacy and reliability of security performance within key information systems used to ensure the safety of individuals and organizations against a variety of internal and external threats.