The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda
Authors
Abstract
Purpose: After 15 years of research, this paper aims to present a review of the academic literature on ISO/IEC 27001, the most renowned standard for information security and the third most widespread ISO certification. Emerging issues are reframed through the lenses of social systems thinking, deriving a theory-based research agenda to inspire interdisciplinary studies in the field.

Design/methodology/approach: The study is structured as a systematic review.

Findings: Research themes and sub-themes are identified on five broad foci: relation with other standards, motivations, implementation, possible outcomes and contextual factors.

Originality/value: The study presents an overview of the body of knowledge, providing solid foundations for future research on the topic. A set of opportunities is outlined, aim at crossroad between quality management. Managers interested in implementation and policymakers can find an useful inform their decisions related to regulatory activities.
Similar resources
ISO/IEC 27001 Information Systems Security Management Standard: Exploring the Reasons for Low Adoption
In this paper we attempt to find the reasons for low adoption of the international standard ISO/IEC 2700 on information security management. We benchmark ISO/IEC 27001 against the two other widely applied management system standards – ISO 9001 for quality management and ISO 14001 for environmental management. We show that besides low adoption rates, ISO/IEC 27001 standard has received significan...
ISO/IEC 27000, 27001 and 27002 for Information Security Management
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of the most important initiatives for IT management. At least since reports about privacy and security breaches, fraudulent accounting practices, and attacks on IT systems appeared in public, organizations have recognize...
Deriving a Research Agenda for the Management of Multisourcing Relationships Based on a Literature Review
There has been considerable development in Information Technology (IT) outsourcing during the last two decades. Nowadays, practitioner-related as well as scholarly literature have identified multisourcing as an emerging key strategy. Multisourcing is described as the blending of services from multiple internal and external vendors. Especially in the case of multisourcing the management of relat...
The Adoption of Information Security Management Standards: A Literature Review
This chapter introduces major information security management methods and standards, and particularly ISO/IEC 27001 and 27002 standards. A literature review was conducted in order to understand the reasons for the low level of adoption of information security standards by companies, and to identify the drivers and the success factors in implementation of these standards. Based on the findings o...
Social Cognitive Theory in IS Research - Literature Review, Criticism, and Research Agenda
A multitude of research studies have been published investigating individual behavior from the viewpoint of Social Cognitive Theory. We have now reached a point where making sense of such a large number of studies has become a difficult task and where future research efforts must integrate past SCT findings but also express the full potential of SCT in IS research. The aim of the present paper ...
Journal
Journal title: The TQM Journal
Year: 2021
ISSN: 1754-274X, 1754-2731
DOI: https://doi.org/10.1108/tqm-09-2020-0202