Information security policy development and implementation: The what, how and who. Issue 61 (August 2016)
- Record Type:
- Journal Article
- Title:
- Information security policy development and implementation: The what, how and who. Issue 61 (August 2016)
- Main Title:
- Information security policy development and implementation: The what, how and who
- Authors:
- Flowerday, Stephen V.
Tuyikeze, Tite - Abstract:
- Abstract: The development of an information security policy involves more than mere policy formulation and implementation. Unless organisations explicitly recognise the various steps required in the development of a security policy, they run the risk of developing a policy that is poorly thought out, incomplete, redundant and irrelevant, and which will not be fully supported by the users. This paper argues that an information security policy has an entire life cycle through which it must pass during its useful lifetime. A formal content analysis of information security policy development methods was conducted using secondary sources. Based on the results of the content analysis, a conceptual framework was subsequently developed. The proposed framework outlines the various constructs required in the development and implementation of an effective information security policy. In the course of this study, a survey of 310 security professionals was conducted in order to validate and refine the concepts contained in the key component of the framework: the ISPDLC.
- Is Part Of:
- Computers & security. Issue 61(2016)
- Journal:
- Computers & security
- Issue:
- Issue 61(2016)
- Issue Display:
- Volume 61, Issue 61 (2016)
- Year:
- 2016
- Volume:
- 61
- Issue:
- 61
- Issue Sort Value:
- 2016-0061-0061-0000
- Page Start:
- 169
- Page End:
- 183
- Publication Date:
- 2016-08
- Subjects:
- Security policy development -- Security policy implementation -- Security policy life cycle -- Security policy management -- Risk assessment
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2016.06.002 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 1.xml