مجلة بحوث الادارة والاقتصاد (Jun 2020)
The Role of Human Resource Management Processes in Achieving Information Security: An applied Study on Saudi Government Universities
Abstract
This study aims to reveal the reality of the Human Resources Management Units contribution to achieving information security at Saudi government universities by examining their compliance with the international standard of the Information Security Management System (ISO/IEC 27002:2013). The study was based on qualitative research methods, where a checklist was designed to collect the data needed for the study, using semi-structured interviews, direct observation, and documents examination used in Human Resources management units. The gap analysis method has also been used to analyse data in order to determine the range of compliance of the Universities Human Resources Management Units to the information security controls provided by the international standard (ISO/IEC 27002:2013). The study reached a number of results, the most important of which was the commitment of the participating universities in different rates ranging from medium to high in the application of the international standard (ISO/IEC 27002:2013) controls concerning human resources management processes (before employment, during employment, termination or change of employment). In the light of those findings, the study made several recommendations that guide universities towards full compliance with controls of that international standard in order to raise the level of the contribution of human resources management processes to achieve full information security.
Keywords
