The application of information security policies in large UK-based organizations: an exploratory investigation

The application of information security policies in large UK-based organizations: an exploratory investigation

Despite its widely acknowledged importance, the information security policy has not, to date, been the subject of explicit, empirical scrutiny, in the academic literature. To help fill this gap an exploratory research project was initiated that sought to investigate the uptake, content, disseminatio...

Full description

Saved in:
Bibliographic Details
Main Authors: Neil Doherty, Heather Fulford
Format: Default Article
Published: 2003
Subjects:
Other commerce, management, tourism and services not elsewhere classified
Data models, storage and indexing
Information systems not elsewhere classified
Computer security
Information security policy
Policy dissemination
Policy content
United Kingdom
Information Systems
Data Format
Business and Management not elsewhere classified
Online Access:https://hdl.handle.net/2134/8233
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Despite its widely acknowledged importance, the information security policy has not, to date, been the subject of explicit, empirical scrutiny, in the academic literature. To help fill this gap an exploratory research project was initiated that sought to investigate the uptake, content, dissemination and impact of information security policies. To this end, a questionnaire was mailed to senior IS executives, in large UK-based organizations, and 208 valid responses were received. The results of this research have indicated that whilst policies are now fairly common, at least amongst our sample, there is still a high degree of variety in terms of their content and dissemination.

Similar Items