Information Security Policy: A Management Practice Perspective
نویسندگان
چکیده
Considerable research effort has been devoted to the study of Policy in the domain of Information Security Management (ISM). However, our review of ISM literature identified four key deficiencies that reduce the utility of the guidance to organisations implementing policy management practices. This paper provides a comprehensive overview of the management practices of information security policy and develops a practice-based model. The model provides comprehensive guidance to practitioners on the activities security managers must undertake for security policy development and allows practitioners to benchmark their current practice with the models suggested best practice. The model contributes to theory by mapping existing information security policy research in terms of the defined management practices.
منابع مشابه
طراحی مدل سیاست گذاری رسانه ایی سازمان تامین اجتماعی ایران
Introduction: Mass media plays a crucial role in information distribution and thus in the political market and public policy making. Theory predicts that the information provided by mass media reflects the media’s incentives to provide news to different types of groups in society, and affects these groups’ influence in policy-making. A few empirical studies have tried to assess the effect of me...
متن کاملطراحی مدل سیاست گذاری رسانه ایی سازمان تامین اجتماعی ایران
Introduction: Mass media plays a crucial role in information distribution and thus in the political market and public policy making. Theory predicts that the information provided by mass media reflects the media’s incentives to provide news to different types of groups in society, and affects these groups’ influence in policy-making. A few empirical studies have tried to assess the effect of me...
متن کاملExploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)
A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...
متن کاملExploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)
A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...
متن کاملامنیت اطلاعات سامانه های تحت وب نهاد کتابخانه های عمومی کشور
Purpose: This paper aims to evaluate the security of web-based information systems of Iran Public Libraries Foundation (IPLF). Methodology: Survey method was used as a method for implementation. The tool for data collection was a questionnaire, based on the standard ISO/IEC 27002, that has the eleven indicators and 79 sub-criteria, which examines security of web-based information systems of IP...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- CoRR
دوره abs/1606.00890 شماره
صفحات -
تاریخ انتشار 2016