Information systems security policies: a survey in Portuguese public administration

Conference object English OPEN
Lopes, Isabel Maria ; Sá-Soares, Filipe de (2010)
  • Publisher: IADIS International Conference Information Systems. 2010
  • Subject: Information systems security | Information system security in public administration | Information System Security | Information system security policies

Information Systems Security is a relevant factor for present organizations. Among the security measures, policies assume a central role in literature. However, there is a reduced number of empirical studies about the adoption of information systems security policies. This paper contributes to mitigate this flaw by presenting the results of a survey in the adoption of Information System Security Policies in Local Public Administration in Portugal. The results are discussed in light of literature and future works are identified with the aim of enabling the adoption of security policies in Public Administration.
  • References (26)
    26 references, page 1 of 3

    Barman, S., 2001. Writing Information Security Policies. New Riders, Indianapolis.

    Baskerville, R. and Siponen M., 2002. An information security meta-policy for emergent organizations. Logistics Information Management, Vol. 15, No. 5/6, pp. 337-346.

    Bretschneider, S., 1990. Management Information Systems in Public and Private Organizations: An Empirical Test. The Public Administration Review, Vol. 50, No. 5, pp. 536-545.

    Dhillon, G. and Backhouse J., 1997. Managing for secure organizations: a critique of information systems security research approaches. Technical Report, London School of Economics, Computer Security Research Centre, London.

    Dhillon, G and Backhouse, J., 2000. Information System Security Management in the New Millennium. Communications of ACM, Vol. 43, No. 7, pp. 125-128.

    Forcht, K. and Ayers, W., 2001. Developing a Computer Security Policy for Organizational Use and Implementation. Journal of Computer Information Systems; Vol. 41, No. 2, pp. 52-57.

    Fulford, H. and Doherty, N. F., 2003. The application of information security policies in large UK-based organizations: an exploratory investigation. Information Management & Computer Security, Vol. 11, No. 3, pp. 106-114.

    Gartner, 2009. Dataquest Alert: Forecast, IT Spending in Industries, Worldwide, 3Q09 Update. October.

    Higgins, H. N., 1999. Corporate system security: towards an integrated management approach. Information Management & Computer Security, Vol. 7, No. 5, pp. 217-222.

    Höne, K. and Eloff, J., 2002a. Information security policy - what do international information security standards say?. Computers & Security, Vol. 21, No. 5, pp. 402-409.

  • Metrics
    No metrics available
Share - Bookmark