MANAGING ORGANIZATIONAL CULTURE REQUIREMENT FOR BUSINESS CONTINUITY MANAGEMENT (BCM) IMPLEMENTATION USING GOAL-QUESTION-METRIC (GQM) APPROACH

Authors

  • Noorul Halimin Mansol Faculty of Science and Technology, Universiti Sains Islam Malaysia, Nilai, Negeri Sembilan, Malaysia
  • Najwa Hayaati Mohd Alwi Faculty of Science and Technology, Universiti Sains Islam Malaysia, Nilai, Negeri Sembilan, Malaysia
  • Waidah Ismail Faculty of Science and Technology, Universiti Sains Islam Malaysia, Nilai, Negeri Sembilan, Malaysia

DOI:

https://doi.org/10.11113/jt.v78.10018

Keywords:

Goal-question-metric, business continuity management, business continuity, information security, organizational culture

Abstract

Today’s Information and Communication Technology (ICT) growth is increasing and has raised the needs for service quality, reliability and availability. Together, with the current global economics Business Continuity Management (BCM) become a crucial requirement to an organization. Apart from the technological aspect in BCM, Malaysian IT Organization must enforce the information security management and awareness of BCM by considering organization culture values. Preparing the organization to BCM is a vital part to the management to be considered. Accessing and understanding the organizational culture values during the BCM setup stage may help to improve the effectiveness of BCM implementation in the organization. Therefore, this paper presents the organizational culture framework using Goal-Question-Metric (GQM) approach to measure the readiness of the organization to implement BCM and also towards the BCM compliance.

References

R. L. Tammineedi. 2010. Business Continuity Management: A Standards-Based Approach:, Information Security Journal: A Global Perspective. 19(1): 36-60

M. Blyth. 2009. Business Continuity Management: Building an Effective Incident Management Plan, Hoboken. NJ:J. Wiley. 362.

K. Venclova, H. Urbancova and H. Vostra Vydrova. 2013. Advantages and Disadvantages of Business Continuity Management, World Academy of Science, Engineering and Technology. 76: 164-168.

A Hiles. 2007. The Definition Handbook of Business Continuity Management. Second Edition. Hoboken, NY: John Willey & Sons.

N. Deysel. 2009. A Model for Information Security Control Audit for A Mall To Mid-Sized Organizations, Master’s Thesis in Business Information Systems in the Faculty of Engineering, the Built Environment and Information Technology at the Nelson Mandela Metropolitan University, January

ISO/IEC 27001: 2013, Information Technology- Security Techniques - Information Security Management Systems- Requirements.

Bank Negara Malaysia. 2008. Guidelines on Business Continuity Management, I.A.D.S. Department, Editor. 39.

Hu, Q., Dinev, T., Hart, P. and Cooke, D. 2012. Managing Employee Compliance with Information Security Policies: The Critical Role of Top Management and Organizational Culture. Decision Sciences Journal. 43(4): 615-659.

Norshima H. & Vimala B. 2013. Management Support as a Predictor to Promote Information Security Behavior among Employees. International Journal of Information Technology & Computer Science (IJITCS ), ISSN No: 2091-1610. 7(2).

2012. Ready for The Challenge – Integrated Governance – The Key to Initiative Business Continuity Management, Insights on Governance, Risk and Compliance, Nov Ernst & Young.

Cyberjaya – A Haven for ICT Industry 2009 March 02.

Cybersecurity Malaysia – eSecurity, The First Line of Digital Defense Begins with Knowledge. 34 (1/2013): 20.

V. Basili and D. Weiss. 1984. A Methodology for Collecting Valid Software Engine-ering Data, IEEE Tram. Software Engineering. 10(6): 728-738.

V. Basili, G. Caldiera and D. Rombac. 1994. Goal Question Metric Paradigm, Encyclopedia of Software Engineering. 528-532

Gemma P. & Patrick W. 2012. Planning For The Worst – The 2012 Business Continuity Management Survey, Chartered Management Institute (CMI)

Roberta J. Witty & Les Stevens. 2010. Ten Best Practices for Creating and Maintaining Effective Business Continuity Management Plan, 8 February, Gartner RAS Research Note G00172401.

Moon, M. 2000. Organizational Commitment Revisited in New Public Management: Motivation, Organizational Culture, Sector, and Managerial level. Public Performance & Management Review. 24(2): 177-194.

Dhillon, G. 1999. Managing And Controlling Computer Misuse. Information Management & Computer Security. 7(4): 171-175.

Almunawar, MN.,Susanto, H., and Anshari, M., A 2012. Cultural Transferability on IT Business Application:iReservation System.

Siponen, M. 2000. A Conceptual Foundation for Organizational Information Security Awareness, Information Management & Computer Security. 8(1): 31-41.

Norris, D. and Moon, M. 2005. Advancing e-Government at the Grassroots: Tortoise or Hare? Public Administration Review. 64(1): 65-75.

Bouthillier, F., Shearer, K., Understanding Knowledge Management and Information Management: The Need of Empirical Perspective, Information Research, 2002, http://informationR.net/ir/8-1/paper141.html,8(1)

Rossing Von. R. 2007. BC Audit IN: Hiles, A. (ed) The Definitive Handbook Of Business Continuity Management, 2nd Edition, England: John Wiley & Sons Ltd. 339.

Downloads

Published

2016-12-15

Issue

Vol. 78 No. 12-3: Towards Advancement of Sustainable Computational Technology

Section

Science and Engineering

License

Copyright of articles that appear in Jurnal Teknologi belongs exclusively to Penerbit Universiti Teknologi Malaysia (Penerbit UTM Press). This copyright covers the rights to reproduce the article, including reprints, electronic reproductions, or any other reproductions of similar nature.

How to Cite

MANAGING ORGANIZATIONAL CULTURE REQUIREMENT FOR BUSINESS CONTINUITY MANAGEMENT (BCM) IMPLEMENTATION USING GOAL-QUESTION-METRIC (GQM) APPROACH. (2016). Jurnal Teknologi, 78(12-3). https://doi.org/10.11113/jt.v78.10018