• Title/Summary/Keyword: ICCAIS

Search Result 1, Processing Time 0.013 seconds

Factors for Better Adoption of Information Security on Custom-Made Software at SMEs: A Systematic Review and Framework

  • Fatimah Alghamdi;Moutasm Tamimi;Nermin Hamza
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.2
    • /
    • pp.65-78
    • /
    • 2023
  • Investigations on information security factors re- main elusive at small and medium enterprises (SMEs), es- specially for custom-made software solutions. This article aims to investigate, classify, adopt factors from recent literature addressing information security resources. SMEs al- ready have information security in place, but they are not easy to adopt through the negotiation processes between the in-house software development companies and custom-made software clients at SMEs. This article proposes a strategic framework for implementing the process of adoption of the information security factors at SMEs after conducting a systematic snapshot approach for investigating and classifying the resources. The systematic snapshot was conducted using a search strategy with inclusion and exclusion criteria to retain 128 final reviewed papers from a large number of papers within the period of 2001-2022. These papers were analyzed based on a classification schema including management, organizational, development, and environmental categories in software development lifecycle (SDLC) phases in order to define new security factors. The reviewed articles addressed research gaps, trends, and common covered evidence-based decisions based on the findings of the systematic mapping. Hence, this paper boosts the broader cooperation between in-house software development companies and their clients to elicit, customize, and adopt the factors based on clients' demands.