An empirical study of information security policy on information security elevation in Taiwan

Hong, Kwo‐Shing; Chi, Yen-Ping; Chao, Louis R.; Tang, Jih-Hsing

doi:10.1108/09685220610655861

Cited by 42 publications

(27 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One of the most significant roles of information security policy is to precisely specify user's rights and responsibilities and to successfully communicate it to all users, to ensure there is a mutual and coherent understanding of information security that is embraced by the organization [11]. This eliminates excuses for employees who fail to follow and execute security practices aligned with the organization's policy [23].…”

Section: Role and Scope Of The Information Security Policymentioning

confidence: 99%

Review of Information Security Policy based on Content Coverage and Online Presentation in Higher Education

Ghazvini

Shukur

Hood

2018

ijacsa

View full text Add to dashboard Cite

Abstract-Policies are high-level statements that are equal to organizational law and drive the decision-making process within the organization. Information security policy is not easy to develop unless organizations clearly identify the necessary steps required in the development process of an information security policy, particularly in institutions of higher education that largely utilize IT. An inappropriate development process or replication of security policy content from other organizations could fail in execution. The execution of a duplicated policy could fail to act in accordance with enforceable rules and regulations even though it is well developed. Hence, organizations need to develop appropriate policies in compliance with the organization regulatory requirements. This paper aims to reviews policies from selected universities with regards to ISO 27001:2013 minimum requirements as well as effective online presentation. The online presentation review covers the elements of aesthetics, navigation and content presentation. The information on the security policy document resides on the universities' website.

show abstract

Section: Role and Scope Of The Information Security Policymentioning

confidence: 99%

Review of Information Security Policy based on Content Coverage and Online Presentation in Higher Education

Ghazvini

Shukur

Hood

2018

ijacsa

View full text Add to dashboard Cite

show abstract

“…One increasingly important mechanism for protecting corporate information, and in so doing helping to safeguard organizational knowledge assets, is through the formulation and application of a formal information security policy [Hinde, 2002;von Solms & von Solms, 2004]. The broad consensus within the literature is that the information security is a high level document, which defines the organizations' goals, intentions and priorities, with respect to the management of information security, as well as highlighting the roles, rights and responsibilities of individual members of staff, with respect to the attainment of the security objectives [Hong et al, 2006;Hone & Eloff 2002a]. Given their perceived importance, it is not surprising that there is already an established literature, with respect to the importance and role of the policy, as well as approaches to its formulation and dissemination.…”

Section: Introductionmentioning

confidence: 99%

The information security policy unpacked: A critical study of the content of university policies

Doherty

Anastasakis

Fulford

2009

International Journal of Information Management

View full text Add to dashboard Cite

“…Research has considered the role [18], importance [35], structure [4], and content [12] of the information security policy, but none have directly addressed the essential tension between the need to both share and protect information that is fundamental to organizations like an HIE. Our theoretical model addresses that tension and we apply the model to an HIE to understand how the tension is managed through the information security policy development process in such an organization.…”

Section: Formulating Policiesmentioning

confidence: 99%

A Framework for Evaluating the Tension between Sharing and Protecting Health Information

Anderson¹,

Baskerville²,

Kaul³

2017

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

View full text Add to dashboard Cite

show abstract

An empirical study of information security policy on information security elevation in Taiwan

Cited by 42 publications

References 13 publications

Review of Information Security Policy based on Content Coverage and Online Presentation in Higher Education

Review of Information Security Policy based on Content Coverage and Online Presentation in Higher Education

The information security policy unpacked: A critical study of the content of university policies

A Framework for Evaluating the Tension between Sharing and Protecting Health Information

Contact Info

Product

Resources

About