Repository logo
 
Loading...
Thumbnail Image
Publication

The security policy application process: action research

Use this identifier to reference this record.
Name:Description:Size:Format: 
New+Advances+in+Information+Systems+and+VOL 2.pdf215.97 KBAdobe PDF Download

Advisor(s)

Abstract(s)

It is crucial for companies to acknowledge the need for applying security policies because, without such policies, there is no reliable way to define, implement, and enforce a security plan within an organization. Small and medium sized enterprises (SME) are no exception. Within the organizational universe, SMEs assume a unique relevance due to their high number, which makes information security efficiency a paramount issue. There are several measures which can be implemented in order to ensure the effective protection of information assets, among which the adoption of ISS policies stands out. A recent survey concluded that from 307 SMEs, only 15 indicated to have an ISS policy [1]. The conclusion drawn from that study was that the adoption of ISS policies has not become a reality yet. As an attempt to mitigate this fact, security policies were formulated, implemented and adopted in 10 SMEs which had stated not to have this security measure. These interventions were conceived as Action Research (AR) projects.

Description

Keywords

Formulation Implementation and adoption of information security policies Information security Small and medium sized enterprises

Pedagogical Context

Citation

Lopes, Isabel Maria; Oliveira P. (2016). The security policy application process: action research. In Rocha, Álvaro [et al.] (eds.) New Advances in Information Systems and Tecnologies. London: Springer International Publishing. 2, p. 353-362. ISBN 978-3-319-31307-8

Research Projects

Research ProjectShow more

Organizational Units

Journal Issue

Publisher

Springer International Publishing

CC License

Altmetrics