||With the rapid development and popularization of information technology, the network information of the governments and corporates has already been tightly connected together, which leads to the construction of cloud computing environment in the Internet world. The cloud services for specific applications have already been developed gradually based on the requirements in human’s lives. People could access the cloud services via mobile phones, computers and other equipment of information technology anywhere and anytime. At the same time, banking industry also introduces some cloud-based financial services to make the customers able to reach the required products of banks more instantly and conveniently. In the complex network environment, in order to avoid leakage and hacking of personal information, financial institutes not only have to achieve data transparency but also have to practice data risk management. Thus, under cloud environment, data risk and information security governance model have already attracted extensive attention in many fields.
This research aims to investigate the evaluation perspectives and the question items of cloud information security governance maturity based on the information security governance maturity scale. Through Content Validity Ratio the validities of the contents in the pretest questionnaire are measured. Simultaneously, the unnecessary question items are eliminated. The objectives focus on the employees of the banking industry in Taiwan. Thus, paper-based questionnaire is adopted for the investigation as the sample method. And it took approximately a month to collecting the required sampling data. Overall 213 effective questionnaires were collected. Then, Partial Least Square was applied for data analysis and verification, and conducted Hypothesis test to analyze the assessment model of information security governance maturity
The analysis results show that information regulations, environment and technology, information self-efficacy, data risk and information ethics are positively correlated with information security governance maturity. In the perspective of mediators, seniority has mediation effects on information self-efficacy and information security governance maturity. Age has mediation effects on data risk and information security governance maturity. Department-level has mediation effects on information ethics and information security governance maturity. This study suggested that banks could practice deeply investigation on different types of information security. At the end of the study, we provide the suggestions for future works and management meanings.