The role of user awareness in the information technology and security governance nexus - evidence from Ghana's banking industry Online publication date: Tue, 14-Jan-2025
by Emmanuel Adu-Mensah; Solomon Odei-Appiah; Joseph Kwame Adjei; Enoch Ayivor
International Journal of Information and Computer Security (IJICS), Vol. 25, No. 3/4, 2024
Abstract: This study proposes a model to explain the interplay among information security governance, information technology governance, and information security awareness, with guidance from the information security governance theoretical lens. Employing a questionnaire survey with a sample size of 300 and structural equation modelling, the study revealed several key relationships: business/IT strategic alignment positively correlates with information technology governance, underscoring the importance of aligning IT strategies with broader organisational goals. Weak but consistent positive relationship is identified between value delivery and information technology governance, emphasising the link between extracting value from IT investments and effective governance. Contrary to expectations, risk management and information security governance exhibit an inverse relationship. Information security awareness shows a significant but inverse relationship with information security governance. Both resource management and information technology governance, as well as performance measurement and information technology governance, demonstrate no significant relationships, suggesting that adept resource management and performance monitoring alone may not ensure enhanced governance. Moreover, no significant relationship is found between information security governance and information technology governance, indicating a limited influence of managing information security on overall information technology governance practices. The study concludes by offering recommendations to stakeholders within the domain based on the outlined findings.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information and Computer Security (IJICS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook