Adaptation of Key Information Security Measures For Business Continuity In Sri Lankan Telecommunication Sector

Abstract

Over the last several years companies have departed beyond the traditional boundaries to protect reputation and brand to achieve business excellence. Stake holders confidence and positive brand takes years to build, but can be severely damage by a single incident. Henceforth damage to reputation and brand was cited as the most significant consequence face by any organization in modern competitive business conditions. This study examines factors effects on business continuity of Sri Lankan telecommunication companies based on ISO 27001 security standard. This is primarily due to the fact that standards provides level of confidence for customer and partners that is difficult to achieve by any other means. Different categories of employees comprise of consultants, higher management, middle management, professional and engineering categories were administered an online questionnaire. Statistical analysis exemplified that organizational structure and information security policy, assets management practices, physical and environmental security, communication and operational management designated as important key driving factors in securing business continuity. Significantly 96% fingered that presently enforced compliance and standards by Sri Lankan authorities are non-influencing factors to the business continuity. Henceforth Telecommunication Regulatory Commission of Sri Lanka ought obligatory engaged in introducing respective provisions in laws, regulations and essential amendments to the country‟s telecommunication governance framework. Overall 95% of all the participants responded that they managed to implement business continuity factors within defined time period and 63% of them fingered an enhancement of respective business operations after adopting such practices .Further emphasized that provisioning of added resources by telecommunication operators in their annual business strategies directing on developing of knowledge and skills pertaining to business continuity approach is important.