مدیریت صنعتی (Sep 2020)
A Conceptual Framework for Measuring the Performance of the Information Security Service Supply Chain Based on Meta-synthesize and Fuzzy Delphi Method
Abstract
Objective: The purpose of the present study is to identify priority indicators -based on the qualitative analysis of the results of the research carried out- and also to provide a framework for measuring the performance of the information security service supply chain. Methods: The methodology of this research is essentially descriptive and qualitative and has been carried out in two stages. In the first phase, 133 papers were reviewed, after evaluation, 28 articles were approved. Then, by using the CASP method, finally, 15 articles on the measurement of the performance of the service chain received the minimum score for conducting a qualitative analysis of the content. By reviewing these articles, a conceptual framework for measuring the performance of the service chain was presented in the form of a "logic model". This model is a tool that illustrates the logic of doing things in the four components of inputs, processes, outputs and outcomes. After verifying the reliability of the results, in the second stage, in order to map the proposed framework into the field of information security services, by referring to ten experts in this field and receiving their views in the three rounds of the Fuzzy Delphi, validation and final modeling of the research was designed. Results: The evaluation of the performance of the information security service supply chain for 19 indicators and 35 effective sub-indicators, under the logic model, were agreed with the coefficient of coordination of Kendal of 0.742 between experts and specialists. Conclusion: The review of experts' opinions showed that the sub-indicators of knowledge and skills, the provision of new and up-to-dated security technologies and the confidentiality and security of information make the most important and rate of personnel turnover sub-indicator, assessing the least important in the performance evaluation of the information security services supply chain.
Keywords