Proceedings of the International Conference on Transformations and Innovations in Management (ICTIM 2017)

Critical Considerations for Organisation-specific Information Security Policy Development

Authors
Hanna Kinnunen
Corresponding Author
Hanna Kinnunen
Available Online September 2017.
DOI
https://doi.org/10.2991/ictim-17.2017.53How to use a DOI?
Keywords
Information security policy, information security management, development method
Abstract

Organisations use information security policies (ISP) to guide the use of their information assets. Previous literature has presented ways to develop ISPs from suggested content to development methods; however, these approaches encounter problems when they are applied in organisations without adequate support. This paper introduces the development of a meta-methodology to support organisation-specific ISP development. The approach is developed via action research with four Finnish companies. The results of the first two research cycles produced a list of 11 critical considerations, which were used to design ISP development methods. The critical considerations proved to be useful in designing different methods for different organisation settings. However, they are only the first step towards a meta-methodology for designing ISP development methods.

Copyright
© 2017, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Volume Title
Proceedings of the International Conference on Transformations and Innovations in Management (ICTIM 2017)
Series
Advances in Economics, Business and Management Research
Publication Date
September 2017
ISBN
978-94-6252-405-7
ISSN
2352-5428
DOI
https://doi.org/10.2991/ictim-17.2017.53How to use a DOI?
Copyright
© 2017, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - CONF
AU  - Hanna Kinnunen
PY  - 2017/09
DA  - 2017/09
TI  - Critical Considerations for Organisation-specific Information Security Policy Development
BT  - Proceedings of the International Conference on Transformations and Innovations in Management (ICTIM 2017)
PB  - Atlantis Press
SP  - 677
EP  - 686
SN  - 2352-5428
UR  - https://doi.org/10.2991/ictim-17.2017.53
DO  - https://doi.org/10.2991/ictim-17.2017.53
ID  - Kinnunen2017/09
ER  -