The security policy application process: action research

Lopes, Isabel Maria; Oliveira, Pedro

Publication

The security policy application process: action research

2016Conference paper

dc.contributor.author	Lopes, Isabel Maria
dc.contributor.author	Oliveira, Pedro
dc.date.accessioned	2016-03-31T08:44:45Z
dc.date.available	2016-03-31T08:44:45Z
dc.date.issued	2016
dc.description.abstract	It is crucial for companies to acknowledge the need for applying security policies because, without such policies, there is no reliable way to define, implement, and enforce a security plan within an organization. Small and medium sized enterprises (SME) are no exception. Within the organizational universe, SMEs assume a unique relevance due to their high number, which makes information security efficiency a paramount issue. There are several measures which can be implemented in order to ensure the effective protection of information assets, among which the adoption of ISS policies stands out. A recent survey concluded that from 307 SMEs, only 15 indicated to have an ISS policy [1]. The conclusion drawn from that study was that the adoption of ISS policies has not become a reality yet. As an attempt to mitigate this fact, security policies were formulated, implemented and adopted in 10 SMEs which had stated not to have this security measure. These interventions were conceived as Action Research (AR) projects.	pt_PT
dc.description.sponsorship	This work has been supported by FCT- Fundação para a Ciência e a Teconologia within the Project Scope UID/CEC/00319/2013.
dc.identifier.citation	Lopes, Isabel Maria; Oliveira P. (2016). The security policy application process: action research. In Rocha, Álvaro [et al.] (eds.) New Advances in Information Systems and Tecnologies. London: Springer International Publishing. 2, p. 353-362. ISBN 978-3-319-31307-8	pt_PT
dc.identifier.doi	10.1007/978-3-319-31307-8_37	pt_PT
dc.identifier.isbn	978-3-319-31307-8
dc.identifier.issn	2194-5357
dc.identifier.uri	http://hdl.handle.net/10198/12855
dc.language.iso	eng	pt_PT
dc.peerreviewed	yes	pt_PT
dc.publisher	Springer International Publishing	pt_PT
dc.rights.uri	http://creativecommons.org/licenses/by/4.0/	pt_PT
dc.subject	Formulation Implementation and adoption of information security policies	pt_PT
dc.subject	Information security	pt_PT
dc.subject	Small and medium sized enterprises	pt_PT
dc.title	The security policy application process: action research	pt_PT
dc.type	conference paper
dspace.entity.type	Publication
oaire.awardURI	info:eu-repo/grantAgreement/FCT/5876/UID%2FCEC%2F00319%2F2013/PT
oaire.citation.conferencePlace	Springer Internatonal Publishing	pt_PT
oaire.citation.endPage	362	pt_PT
oaire.citation.startPage	353	pt_PT
oaire.citation.title	New Advances in Information Systems and Tecnologies	pt_PT
oaire.citation.volume	2	pt_PT
oaire.fundingStream	5876
person.familyName	Lopes
person.familyName	Oliveira
person.givenName	Isabel Maria
person.givenName	Pedro
person.identifier.ciencia-id	8812-AE1C-A316
person.identifier.orcid	0000-0002-5614-3516
person.identifier.orcid	0000-0001-8346-1694
person.identifier.rid	A-1728-2014
person.identifier.scopus-author-id	55211017300
project.funder.identifier	http://doi.org/10.13039/501100001871
project.funder.name	Fundação para a Ciência e a Tecnologia
rcaap.rights	restrictedAccess	pt_PT
rcaap.type	conferenceObject	pt_PT
relation.isAuthorOfPublication	111716db-94a0-4c24-b739-330dc2ae79fc
relation.isAuthorOfPublication	b2d880bb-278b-489c-aa8f-353cfd99f0fa
relation.isAuthorOfPublication.latestForDiscovery	111716db-94a0-4c24-b739-330dc2ae79fc
relation.isProjectOfPublication	00c39a26-0b76-46f3-8cf2-257e31150f09
relation.isProjectOfPublication.latestForDiscovery	00c39a26-0b76-46f3-8cf2-257e31150f09