The security of the IT resource and management support: Security risk management program effectiveness

The exploratory research study addressed the issues required to provide a theoretically based model that could be developed and validated to study the process that leads to effective Security Risk Management (SRM) programs. The model incorporates desired expectations in an IS area outside of the EUC domain and includes a direct relationship between executive management support and SRM program effectiveness. Additionally, the study followed suggested procedures to develop valid, reliable research instruments in order to empirically capture the dimensions of an original SRM Program posture construct included in the conceptual model.; The research study used a mail survey research methodology partially based on “The Tailored Design Method” to solicit responses from 1,500 major U.S. business organizations across a wide range of SICs. The responses were to be used to test a series of hypotheses in order to understand the relationships between variables in the process that leads to effective SRM programs. Additionally, the study includes a section describing the results of gathering responses from the firms that would not respond to the original research study.