Towards a Sustainable and Efficient Component-based Information Security Framework

Information security and information systems (IS) security both have top management priority in many companies and organizations. In various information security models researchers recommend several important components to sustainably and efficiently enforce information security. There is little research aiming at approaches that combine theoretically and empirically substantiated principles. To fill this research gap, the aim of this paper is to discuss the adequacy of “academic” information security components, to analyze practical relevance using an empirical study and to consolidate identified factors using a principle component analysis to enhance applicability. Findings suggest two main factors which are identified as short-term and long-term as well as 18 sub-components. The results can assist companies and organizations in sustainably and efficiently implementing information security.