Skip to main content

Structuring IS framework for controlled corporate through statistical survey analytics


The Pharma Engineering Manufacturers are an evolving sector in terms of its high profile operations, richness of data and ever-increasing research in their field. With such bounty, its workflow in terms of information and data management is ever-changing and demanding to keep up to the market best practices and to avoid uncertainties in information management. As furtherance to such a stance, this paper is directed to study about a Controlled Corporate. The Parent company has its own Information Security Management System (ISMS) but the highlight sought here is how well the Parent’s ISMS is getting translated into its newly established Subsidiary operations. In present parlance, most of the company’s information are transmitted through digital forum, thereby making the Information Technology (IT) department in the organization to be more active than before. Considering these, the study is been directed on the lines to know first on how similar peers behave in terms of their IS (Information Security) management via analytical surveys. These findings are then presented with a strong theoretical base (global best practices like ISO/ NIST Frameworks) to consider the needed attributes for imputing a proper IS Framework for the Controlled Corporate operations.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10


  1. COBIT ISBN 978-1-60420-763-7 (2019) Framework: Introduction and methodology ISACA

  2. Anderson R (2008) Security engineering. Wiley, New York

  3. Aversano L, Grasso C, Tortorella M (2012) A literature review of business/it alignment strategies. Procedia Technol 5:462–474

    Article  Google Scholar 

  4. Bryant A, Charmaz K (2007) The Sage handbook of grounded theory. Sage

  5. Bulgurcu B, Cavusoglu H, Benbasat I (2010) Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS Q 34(3):523–548

    Article  Google Scholar 

  6. Christiansen J, D’angona R, Bell C (2014) Method and system for assessing, managing, and monitoring information technology risk. June 3 US Patent 8 744:894

    Google Scholar 

  7. Cohen P, West SG, Aiken LS (2014) Applied multiple regression/correlation analysis for the behavioral sciences. Psychology Press

  8. DeSmit Z, Elhabashy AE, Wells LJ, Camelio JA (2017) An approach to cyber-physical vulnerability assessment for intelligent manufacturing systems. J Manuf Syst 43:339–351

    Article  Google Scholar 

  9. Dinis FM, Martins JP, Carvalho BR, Guimarães AS (2018) Disseminating civil engineering through virtual reality: An immersive interface. Int J Online Eng ISSN: 1861-2121 14(Issue:5):225– 232

    Article  Google Scholar 

  10. Dobre F, Vilsanoiu D, Turlea E (2012) A multiple regression model for selecting audit team members. Procedia Econ Financ 3:204– 210

    Article  Google Scholar 

  11. Fadiya SO (2017) Analysing a large amount of data as a decision support systems tool in Nigeria organisation. Int J Cogn Res Sci ISSN: 2334-8496 5(Issue:1):121–130

    Google Scholar 

  12. Gayko KWJ, Fan K (2018) Security standards white paper for Sino-German industry 4.0 intelligent manufacturing. Federal Ministry of Economic Affairs and Energy

  13. Griffiths D (2013) Risk based internal auditing. Retriev July 4:2006

    Google Scholar 

  14. Hafez S (2015) The integration of six sigma and balanced scorecard in internal auditing. Integration 6(18):43–54

    Google Scholar 

  15. Herath T, Raghav Rao H (2009) Protection motivation and deterrence: a framework for security policy compliance in organisations. Eur J Inf Syst 18(2):106–125

    Article  Google Scholar 

  16. Hogg RV, McKean J, Craig AT (2005) Introduction to mathematical statistics. Pearson Education, Prentice Hall

  17. Huber PJ (2011) Robust statistics. Springer, Berlin

  18. Illowsky B, Dean S (2018) Introductory business statistics

  19. ISO/ IEC 27001 (2013) Information Security Management System. ISO

  20. ISO 9001 (2015) Quality Management Systems-Requirements. ISO

  21. ISO/ IEC 27003 (2017) Information Security Management Systems implementation. ISO

  22. ISO/ IEC 27005 (2018a) Information Security Risk Management. ISO

  23. ISO/ IEC 31000 (2018b) Risk management – Guidelines. International Standard First Edition. ISO

  24. Jaccard J, Turrisi R (2003) Interaction effects in multiple regression, vol 72. Sage, Newcastle upon Tyne

  25. Jeff Smith H, Dinev T, Xu H (2011) Information privacy research: an interdisciplinary review. MIS Quart 35(4):989–1016

    Article  Google Scholar 

  26. Jerman-Blažič B et al (2008) An economic modelling approach to information security risk management. Int J Inf Manag 28(5):413–422

    Article  Google Scholar 

  27. Kassner M (2018) Why manufacturing companies need to up their cybersecurity game

  28. Manyika J (2017) A future that works: Ai automation employment and productivity. McKinsey Global Institute Research, Technical Report

  29. Mataracioglu T, Ozkan S (2011) Governing information security in conjunction with cobit and iso 27001. arXiv:1108.2150

  30. Mettler H (2019) Cybersecurity is an important issue for the pharmaceutical industry

  31. NIST (2018) Framework documents, cybersecurity framework version 1.1

  32. Novak-Marcincin J, Barna J, Janak M, Novakova-Marcincinova L (2013) Augmented reality aided manufacturing. Procedia Comput Sci 25:23–31

    Article  Google Scholar 

  33. PwC India article (2013) Subsidiary governance: an unappreciated risk

  34. Ranganathan V, Coronado A (2019) 7 key elements to data security and quality control for pharma labs

  35. Sandelowski M, Voils CI, Barroso J (2006) Defining and designing mixed research synthesis studies. Res Sch Natl Ref J Spons Mid-South Educ Res Assoc Univ Alabama 13(1):29

    Google Scholar 

  36. Sim TY, Li F, Vogel-Heuser B (2009) Benefits of an interdisciplinary modular concept in automation of machine and plant manufacturing. IFAC Proc Vol 42(4):894–899

    Article  Google Scholar 

  37. Stephen M. (2018) Management handbook. Company X

  38. Stock D, Stöhr M, Rauschecker U, Bauernhansl T (2014) Cloud-based platform to facilitate access to manufacturing it. Issue:C 25:320–328

    Google Scholar 

  39. Tan YS, Ng YT, Low JSC (2017) Internet-of-things enabled real-time monitoring of energy efficiency on manufacturing shop floors. Proced CIRP ISSN 2212-8271(61):376–381

    Article  Google Scholar 

  40. Tipton HF, Nozaki MK (2007) Information security management handbook. CRC Press, Boca Raton

  41. Staff Writer-Thomas Industry Update (2019) Cybercriminals shifting focus away from financial sector to target manufacturers

  42. Urdan TC (2011) Statistics in plain English. Routledge, Abingdon

  43. Urquhart C (2012) Grounded theory for qualitative research: A practical guide. Sage, Newcastle upon Tyne

  44. VDMA India article (2019) Vdma member list

  45. Wang X, Guan S-p (2017) Research on the relationship between internal control and financial performance–social responsibility as the intermediary variable. In: 3rd Annual International Conference on Management Science and Engineering (MSE 2017). Atlantis Press

  46. Yin RK (2006) Mixed methods research: Are the methods genuinely integrated or merely parallel. Res Sch 13 (1):41–47

    MathSciNet  Google Scholar 

  47. Zarreh A, Saygin C, Wan HD, Lee Y, Bracho A et al (2018) Cybersecurity analysis of smart manufacturing system using game theory approach and quantal response equilibrium. Procedia Manuf 17:1001–1008

    Article  Google Scholar 

Download references


The support of Arden University-Berlin and the Case Studied Company is much appreciated for their fervent aid throughout the period of this research, in helping to collect data useful for the analysis and the conclusion of the work. Special acknowledgment to Dr. Ricarda Seiche for the guidance.

Author information



Corresponding author

Correspondence to Rachel John Robinson.

Ethics declarations

Conflict of interests

Author declares there is No Conflict of Interest

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Robinson, R.J. Structuring IS framework for controlled corporate through statistical survey analytics. J. of Data, Inf. and Manag. 2, 167–184 (2020).

Download citation


  • Controlled corporate
  • ISMS
  • IS framework