 Managing Information Security Through Policy Definition: Organizational ImplicationsMoufida Sadok () and
Paolo Spagnoletti ()
A chapter in Information Systems: Crossroads for Organization, Management, Accounting and Engineering, 2012, pp 409-417 from Springer Abstract: Abstract Organizations are more dependent than ever on the effective security of their information systems in order to ensure business continuity, efficiency and compliance with regulatory and governance frameworks. However, security breaches surveys reveal a poor effectiveness of security solutions and procedures implemented by the enterprises. In particular, enterprises experience difficulties in assessing and managing their security risks, applying appropriate security controls, as well as preventing security threats. In this paper we explore the nature of a security policy with a specific focus on managerial and strategic implications of the security policy implementation process. Two examples are provided in order to setup the basis of a method for the definition of security policies aligned with both operational and strategic plans of an enterprise. Keywords: Information Security; Security Policy; Customer Relationship Management; Security Solution; Security Incident (search for similar items in EconPapers) There are no downloads for this item, see the EconPapers FAQ for hints about obtaining it. Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:spr:sprchp:978-3-7908-2789-7_45 Ordering information: This item can be ordered from DOI: 10.1007/978-3-7908-2789-7_45 Access Statistics for this chapter More chapters in Springer Books from Springer |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.