ABSTRACT

Information systems (IS) have become an integral part of many organisations as they depend on it to execute their critical business function. As a result any situation that will render the IS unavailable will be detrimental to most organisations. The purpose of this research was to explore the enablers and inhibitors of information systems disaster recovery planning (ISDRP) in organisations in the Ghanaian banking sector. In order to achieve this purpose, the study used the quantitative method to investigate the enablers and inhibitors of Information Systems Disaster Recovery Planning. Seven banking organisations were used in the survey. Integrating the protection motivation theory and the theory of planned behavior, several hypotheses were developed to test the research conceptualization. Data analysis was performed using SPSS. Using a survey of 207 managers in the Ghanaian banking sector, this study showed the factors such as perceived vulnerability, perceived severity, response efficacy, self-efficacy, attitude, subjective norms and perceive behavioral control positively influences motivation and intention to develop an ISDRP in Ghanaian banking industries. Eight hypotheses were formulated to investigate the enablers and inhibitors of ISDRP. The data analysis did not support response cost as being a predictor of motivation and intention to develop an ISDRP in the Ghanaian banking industries.

This study adds up to the few existing studies in the field of IS that have studied a phenomenon by integrating the two aforementioned theories. This study discussed information systems disaster recovery planning (ISDRP) among organisation in the Ghanaian banking sector. However, future research can extend this work by looking ISDRP from other financial institutions, for example among insurance companies and so on.

Keywords: Information systems, disaster recovery planning, protection motivation theory, theory of planned behavior.

CHAPTER ONE INTRODUCTION

      Research Background

Improving the efficiency and efficacy of an organisation is a major reason why many organisations employ or implement information systems (Curtis, 2008). An organisation‘s information system is made up of the Information Technology (IT), infrastructure; people; processes and business policy and structures (Sieglar & Gaughan, 2008). A disaster recovery plan is a system of internal control and security that focuses on quick restoration of services for critical organisational processes when these operations fail due to natural or man- made disasters (Tamura, Yamamoto, Tomiyama and Hatono, 2000). Disaster recovery planning is all about being prepared for potential disasters, so that when a disaster strikes, the organisations‘ critical functions can be maintained or resumed. The implementation of disaster recovery plans (DRPs) allows organisations to resume their business operations as quickly as possible following a disaster such as flood or fire (Livitt, 1997). Ivancevich, Hermanson and Smith (2001) argues that due to the fact that most organisational activities depend on information systems, many organisations simply cannot conduct business if their information systems are not functioning. Simply stated, the potential loss of information systems is a significant organisational risk that must be addressed by all organisations.

Information systems disaster includes deleting a file or program accidentally to a flood or fire which destroys the building housing the data Centre (Saccomanno and Mangialardi, 2008). An Information systems disaster occurs when the damage results in the information system not being to provide services (Gold, 2008; Levitt, 1997). It is also important to note that information disaster recovery plan is for returning or repairing information systems services

but not essentially restoring specific hardware and software architecture (Gustav, McCann, Krzenski, 2008; Schwalbe, 2010; Mete & Zabinsky, 2010).

The rationale behind disaster recovery planning is to minimize potential loss by identifying, prioritizing and safeguarding the most valuable organisational assets that need the most protection (Livitt, 1997). From the above, we can say that an information system disaster recovery planning in an organisation is therefore a system for internal control and security that focuses on quick restoration of information systems for critical organisational processes when these systems fail due to natural or man-made disaster. Building a strong disaster recovery planning is the goal of every organisation as it provides a host of benefits for a firm, including the resumption of critical business operations, minimization of potential loss, and so on (Kaur, 2007).