What question did this study set out to answer?

The research aims to propose a framework that integrates governance, access control, and risk to improve data integrity within Malaysian education systems.

April 1, 2026Open Access

Governance, Access Control, and Risk: A Conceptual Framework for Data Integrity in Malaysian Educational Systems

Key Points

The research aims to propose a framework that integrates governance, access control, and risk to improve data integrity within Malaysian education systems.
Developed a standards-based framework aligned with ISO/IEC 27001:2022 and NIST CSF 2.0.
Specified indicators such as MFA coverage, orphan-account rate, and detect-to-correct time.
Planned validation using a pre-post or difference-in-differences methodology.
Moderation tested using SEM or multilevel models.
Governance maturity is shown to enhance the effects of access control on data integrity.
Risk management operates independently to influence data integrity outcomes.

Abstract

This study proposes a standards-based framework that links governance, access control, and risk to data integrity in Malaysian education. Governance maturity strengthens access-control effects, while risk management acts independently on integrity. Constructs map to ISO/IEC 27001:2022, ISO 31073:2022, and NIST CSF 2.0 (Govern). We specify a small indicator set—MFA coverage, standing-privilege hours, orphan-account rate, hash-mismatch rate, and detect-to-correct time—and a prioritised roadmap for MOE. Validation will use pre-post or difference-in-differences pilots; moderation will be tested with SEM or multilevel models.

Governance, Access Control, and Risk: A Conceptual Framework for Data Integrity in Malaysian Educational Systems

Key Points

Abstract

Cite This Study