The Ways of Assessing the Security of Organization Information Systems through SWOT Analysis

The Ways of Assessing the Security of Organization Information Systems through SWOT Analysis

David Rehak (VSB – Technical University of Ostrava, Czech Republic) and Monika Grasseova (University of Defence, Czech Republic)
DOI: 10.4018/978-1-61350-311-9.ch007
OnDemand PDF Download:


The chapter is focused mainly on assessing the factors of the external environment in the area of security of information systems in the organization through SWOT analysis. At first the method is characterized from the viewpoint of its purpose and nature. The emphasis is laid on the principles of SWOT analysis, the possible use of methods and tools, and also the most common problems occurring during the implementation of the analysis. The recommended methodical procedure for the implementation of SWOT analysis is described in another part of the chapter with individual phases and particular activities, which are appropriate to be carried out within these phases. The main part of the chapter is focused on the ways of semi-quantitative assessment of threats to the area of information systems of the organization, while evaluating their risks, and the assessment of opportunities, while evaluating their benefits. Both cases include a detailed description of procedure leading to an objective outcome during the classification of identified threats and opportunities according to the set criteria.
Chapter Preview

Setting The Scene

SWOT is an acronym for Strengths, Weaknesses, Opportunities, and Threats. Thus SWOT is the acronym for the internal strengths and weaknesses of organization and the opportunities and threats identified in the external environment of organization. SWOT analysis is one of the methods of strategic analysis of the initial state of an organization and/or its parts, generating the alternatives to strategies (see Figure 1) on the basis of internal analysis (strengths and weaknesses) and external analysis (opportunities and threats). A comprehensive SWOT analysis puts strengths and weaknesses of an organization or its parts against identified opportunities and threats ensuing from the surrounding environment and defines the position of the organization and/or its parts as a starting point for defining the strategies of further development.

Figure 1.

The basic framework of SWOT analysis

The method was developed by Albert Humphrey, who led a research project in the 1960s-1970s at Stanford University. The project was financially supported by the 500 biggest corporations in the USA (Fortune 500) and its aim was to analyze shortcomings in the planning process of those corporations and develop a new system of change management for them. A team method for planning was called SOFT analysis and later revised as SWOT analysis.

SWOT analysis may be included among the most implemented analytical methods. Specialized literature usually includes only the outcome of the last phase of SWOT analysis, i.e. SWOT matrix (see Figure 2).

Figure 2.

SWOT matrix

During SWOT analysis it is necessary to determine the purpose of its use, i.e. what the outcomes will be used for. SWOT analysis may be used for one or more of the following purposes:

  • As a basis for defining the vision

  • As a basis for defining the strategic goals

  • As a basis for the first generation of strategic alternatives

  • For identifying critical areas.

Many organizations finish SWOT analysis with a detailed list of strengths, weaknesses, opportunities and threats. However, if the facts discovered are not used for the purposes as outlined above, the findings are basically useless. The question is, what the purpose of discovering the weaknesses of the organization is, e.g. in securing the information systems, if the organization does not work with such information any more. Many organizations carry out SWOT analysis just to claim it has been completed during the preparation of the information systems security crisis plan, for example. However, the fact that the plan does not reflect the outcomes of analysis is not considered. Therefore when implementing SWOT analysis it is necessary to consider the purpose of it and the further use of outcomes.

Complete Chapter List

Search this Book:
Table of Contents
Mustafa Alshawi, Mohammed Arif
Chapter 1
Mustafa Alshawi, Hafez Salleh
This chapter explains the concept of an IT/IS readiness maturity model including particular requirements in terms of four domains, embracing nine... Sample PDF
IT/IS Readiness Maturity Model
Chapter 2
Eric Lou, Hafez Salleh
Higher education sector is notorious for lagging behind the industrial sector in the application of IT/IS systems and infrastructure. This chapter... Sample PDF
Readiness in Systems Implementation: Lessons from the Higher Education Sector
Chapter 3
Hafez Salleh
Construction sector is unique in a way because more than 90% companies are Small and Medium Sized Enterprise (SME). This chapter presents a case... Sample PDF
Improving the Tendering Process: A Construction Organization Perspective
Chapter 4
Hafez Salleh, Eric Lou
This chapter provides the IT readiness assessment for before and after scenarios of IT systems implementation in a construction consultancy company... Sample PDF
Building for the Future: Systems Implementation in a Construction Organization
Chapter 5
Yasser Al Saleh, Eric Lou
This chapter presents the case of a bank that was established in late 1973 by an initiative from the Government, as a joint venture between the... Sample PDF
Banking for the Future: Starting Anew
Chapter 6
Yasser Al Saleh, Mohammed Arif
This case study revolves around a governmental public service institution, which receives public and government money that it invests. There were... Sample PDF
E-Readiness in Governmental Public Service Institution: Lessons Learnt
Chapter 7
David Rehak, Monika Grasseova
The chapter is focused mainly on assessing the factors of the external environment in the area of security of information systems in the... Sample PDF
The Ways of Assessing the Security of Organization Information Systems through SWOT Analysis
Chapter 8
John Effah, Ben Light
The purpose of this study is to understand a small e-support firm’s response to the local e-readiness and the global e-business environment in a... Sample PDF
An E-Support Firm’s Response to Local E-Readiness and the Global E-Business Environment
Chapter 9
Vian Ahmed, Aisha Abuelmaatti
Collaborative environments have been evolving and effectively employed in large organisations and are believed to have high potential for Small and... Sample PDF
The Use of Collaborative Technologies within SMEs in Construction: Case Study Approach
Chapter 10
Ayman Altameem, Mohamed Zairi
This study is an attempt to bridge the gap in the existing literature by exploring the critical factors that affect IT adoption through a... Sample PDF
E-Readiness in IT/IS Implementation: A Benchmarking Analysis Based on 100 Case Studies
Chapter 11
Masoud Mohammadian, Ric Jentzsch
IT management processes have been growing as the development of modern IT systems has grown. These are often complex with multiple interdependencies... Sample PDF
Intelligent Decision Making and Risk Analysis for IT Management Processes
About the Contributors