This research proposal examines the role of risk assessments and personal ethics in establishing effective information assurance frameworks. The paper investigates how individual ethical responsibility and organizational practices can be integrated into risk assessment methodologies to protect data confidentiality, integrity, and availability. Drawing on literature by Willcocks & Margetts, Stahl, and Pavlou, the research proposes a meta-analytic approach to identify correlations between personal and organizational safeguarding practices. The study seeks to develop universally applicable models that link individual ethics to large-scale IT security initiatives, addressing the growing need for comprehensive information assurance in an increasingly digital landscape.
Information assurance (IA) is fundamentally based on addressing risk and security issues. The digitalization of data has enabled rapid transmission and sharing, creating many new opportunities for humanity to thrive and support one another. Along with these great benefits comes a significant responsibility to respect privacy and protect sensitive information. The ease with which data flows in today's technological landscape creates the potential for its misuse and exploitation for nefarious purposes.
This research addresses the intersection of risk assessment methodologies and the ethical frameworks needed to safeguard digital information in organizational contexts.
This investigation focuses on risk assessments and their ability to determine information assurance and maintain confidentiality. The overarching research question is: How can risk assessments be used to help maintain data integrity, confidentiality, and availability in an information technology environment?
Answering this question will yield methods and models that can be universally applied to newly formed information systems requiring specialized levels of information assurance. This knowledge is particularly significant given the ever-growing reliance on digital information across sectors and the corresponding increase in security threats and data breaches.
Willcocks and Margetts (1994) directly addressed this topic, arguing that risk assessment often becomes overly formalized. Their research emphasizes that the real value of risk assessment emerges when distinctive human and organizational practices, combined with cultural patterns of belief, are integrated into the assessment process.
Stahl (2005) introduced research exploring individual responsibility as a constructive lens for understanding IT information assurance and privacy. This perspective can be integrated with Pavlou's (2011) comprehensive review of IT privacy literature, which concluded that "the most important question in regard to the relationship between information privacy and other constructs is the extent to which the context matters in the relationship between privacy and other constructs." In other words, the unique demands of each project require tailored solutions rather than one-size-fits-all approaches.
Information privacy protection thus requires understanding both the technical and human dimensions of risk and security, a theme reinforced across recent interdisciplinary scholarship in this domain.
A central premise of this research is understanding how the microcosm relates to the macrocosm—specifically, how to apply the relationship between individual and larger organizational practices to information assurance. The research seeks to identify correlations between the methods and models individuals apply to safeguard privacy and whether those same methods and models are applicable at the firm and organizational level.
This investigation recognizes that personal ethics and organizational responsibility are not separate concerns but interlocking dimensions of effective security. The question can be further refined to address personal and societal responsibilities in determining proper privacy protections within IT systems that require this safeguarding. The refined research question becomes: How can personal ethics be applied in information assurance models that seek to maintain confidential and secure access to critical digital data?
This research project employs a descriptive methodology designed to answer the questions of who, what, when, where, and how associated with the research problem. The overall approach utilizes a meta-analytic framework, systematically synthesizing existing scholarship to identify patterns and connections.
Data for this project will be drawn from extant literature related to ethics, technology, and information assurance design. Research addressing these interconnected topics will be explored and analyzed for relevant findings. The analytic techniques employed will be inductive and deductive logic applied to the gathered and synthesized data, allowing patterns to emerge from the literature while simultaneously testing propositions against existing frameworks.
The plan for interpreting results is to articulate findings in a coherent model applicable across information assurance–focused efforts. This approach ensures that conclusions are both theoretically grounded and practically generalizable.
"Linking individual ethics to organizational IT security"
You’re 73% through this paper. Sign up to read the remaining 1 section.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.