Dissertation Critique; IS Security

The Research Problem

Other studies have focused on IS security only without considering its success factors. The focus of the present study is on factors that make IS security successful in an organization.

 The Research Goal

The research goal was to find factors that contribute to IS success. This goal is well stipulated. It is proper to understand the success factors to have effective IS security programs.

The Literature and Data Presented

The literature review chapter is written in a simple language, and all the technical terms explained.  The section provides a critical overview of primary seminal works and research themes on IS security with the objective of linking it up with the present research topic.

The literature was drawn from previous works on IS security including risk management, technical security, IS security standards and policies, and IS security behavioral and economic aspects. On the technical computer security, the focus was on the studies, which have focused on finding solutions on vulnerabilities associated with IS security.  For example, there is a research on securing data controls whereby different forms of encryption is applied. The researcher also draws literature from the application of digital literature with the objective of ensuring that there are trusted transactions between the involved parties.  Software controls are significant elements of the IS security, and the author examines the same.  The author further draws from the literature that has focused on several hardware solutions including firewalls and intrusion detection. This information provided the readers with background information on the IS security, essential elements that make them understand other parts of the study.

Information is also provided on other developed models on the IS security such as Biba integrity model, Bell-LaPadula model, and Straub Computer Security Model. Furthermore, examining the types of security models in the present study widens one’s knowledge on the success factors of the IS security. Moreover, the researcher draws studies from the literature on what is the IS security. This eliminates all the technical specifications on the issue. The literature on the definition of the term IS security are well chosen. The focus is on the previous studies that defined the state of the IS security. This assisted the current study to select a definition based on works by Petter, DeLone and McLean (2008), which also defines success as both intangible and tangible benefits that a program offers to an organization.

From the literature review, it is evident that the author presents success of IS security as an interesting topic to both practitioners and scholars. The literature section reviews the various studies on the IS success applying a multi-dimensional approach. Moreover, the literature review section includes academic journals and as well as international conference publications, which are relevant to the research topic. The findings on the previous studies indicate that empirical and methodological studies act as the dominant success notion, and it is presented among the users. The success and limitations of the studies are also well indicated. Moreover, throughout the literature review, the author focuses on studies that applied DeLone & McLean model. Different research avenues are also pointed out in the section and linked to the previous research topic.

Lastly, the researcher justifies the reasons behind the present study drawing from the previous ones.  Petter, DeLone and McLean (2008), states that there has been immense research in the IS security domain. However, none of the studies have focused on researching on the IS security success and its composition.  In other words, success as a factor has been treated as a different entity of the IS security.  Through the previous studies, the author proves that the present study focuses on developing a vivid understanding of the success of IS within firms. Therefore, using reliable and recent studies, the literature review section provided in-depth background information into the present research problem, the motivations behind the topic and argument’s basis.

The Research Methodology

Regarding the validity, the study was carried out in three major phases; the expert panel, the pilot study, and the confirmatory factor analysis. The study was drawn from Byrd, Thrasher, Lang and Davidson (2006) with the objective of developing a model for not only predicting but also testing the IS security factors in organizations. A literature reviews body on the information systems security was used to justify the selected methodology for the present study.  This was based on the findings of the previous studies. Consequently, the researchers used core dimensions pertaining to success on the IS, and they were first identified before being operationalized within a given model with the objective of identifying success in IS security systems. For validity purposes, the researcher applied a three-phase approach with a survey methodology. Citing Dorr, Walther & Eymann (2013), there are several reasons for using the survey methodology in examining the success factors of IS security. Survey methodology offers a wide general capability level, which represents a larger sample population hence realizing reliability (Almutairi & Subramanian, 2005). This is because, most people answer the survey, and thus the collected data provide clear description of the features of the entire population.  Furthermore, King and He (2005) add that compared to other techniques of gathering data, survey extract information that is close to the characteristics of the entire population.   Byrd, Thrasher, Lang and Davidson (2006) also stated that survey method exhibit high representativeness, and this makes it easier to locate results that are statistically significant. It is also possible to use multiple variables to analyze effectively if the survey method is used.

The researcher tested the survey method for its reliability and validity using pilot study and expert panel. The last stage involved administering the survey to a selected sample. The structural equation modelling and confirmatory analysis factor were then applied to analyse the final data. Confirmatory factor analysis is defined as the multivariate statistical process, which is applied in testing how measured variables constitute a given number of constructs.   In the analysis, it is possible for the investigators to specify the factors required in data and whereby there is an association between the measured variable and the latent one.  King and He (2005) defines the confirmatory factor analysis as a technique applied to reject or confirm a given measurement theory. The tool was suitable for the present study because it focuses on measuring success factor of IS security within organisations.

There is also first analysis on the measurement of the generated model via the confirmatory analysis, and this revealed a mixed fit.   Furthermore, average variance and factor loading were applied, and this resulted into selection of different items following the revision. The revised measurement model indicated improved fit for the presented measurements. The structural equation modelling was used on three structural models, and there was varying mediation levels. Based on the analysis of the composition indices and analysis fit, the chosen analysis tools proven to be the best in testing the success of IS security. The present research empirically tested the success model of the IS security. Therefore, the used methodology will be a venue for future works.


The study’s findings are well presented in a systematic manner, hence easy to understand.  It is evident that the entire study was based on the SEM phase. The SEM techniques were applied to the model. However, it is challenging to understand the findings without explaining the used analysis tools. In the findings, the investigator considered seminal works and themes within the IS security system. Grouping the themes made it easy for the readers to relate the factors with IS security success.

The author further presents the implications of the findings. This assists in determining the suitable adjustments for future studies on the same research topic.  Additionally, the applied conceptual model will be applicable for empirical studies in different organizational contexts such as healthcare organizations, emergent organizations or the government.  Therefore, the researcher has proven the viability of his work. For example, it will bridge the gap between all that will be conducted on different IS security subjects and IS success. Providing the study’s limitations is also important for future research. This is because future researchers will improve on the limitations.  However, it could have been ideal if the findings were presented in form of tables and charts for easy comparison and comprehension.  Lastly, the investigators could have expounded on how the ethics and how the ethical considerations were met.



Almutairi, H., & Subramanian, G. H. (2005). An empirical application of the DeLone and McLean model in the Kuwaiti private sector. Journal of Computer Information Systems, 45(3), 113-122.

Byrd, T. A., Thrasher, E. H., Lang, T., & Davidson, N. W. (2006). A process-oriented perspective of IS success: Examining the impact of IS on operational cost. Omega, 34(5), 448-460.

Dörr, S., Walther, S., & Eymann, T. (2013). Information Systems Success-A Quantitative Literature Review and Comparison. In: International Conference on Wirtschaftsinformatik, Leipzig.

King, W. R., & He, J. (2005). External validity in IS survey research. Communications of the Association for Information Systems, 16(1), 880-894.

Petter, S., DeLone, W., & McLean, E. (2008). Measuring information systems success: models, dimensions, measures, and interrelationships. European journal of information systems, 17(3), 236-263.


Do you need an Original High Quality Academic Custom Essay?