n Journal of Contemporary Management - Information Security Service Management

Volume 9, Issue 1
  • ISSN : 1815-7440



This paper proposes Information Security Service Management (ISSM) as an improved alternative to the present-day approach to information security management in the organisation. It first discusses the roles of information security management and the end-users in developing and maintaining the state of information security in the organisation. The paper argues that one of the serious issues of information security management, namely the non-compliance exhibited by end-users, can actually be traced back to the bureaucratic nature of present-day information security management. To provide a way out, the paper formulates the CARE principles towards a more end-user centric approach. The paper also proposes ISSM that is based on the principles of current-day service management. The paper concludes with the major components of ISSM, and provides guidance for the implementation of ISSM in the organisation.

Loading full text...

Full text loading...


Article metrics loading...


This is a required field
Please enter a valid email address
Approval was a Success
Invalid data
An Error Occurred
Approval was partially successful, following selected items could not be processed due to error