Institutionalization of information systems security policies adoption: factors and guidelines

Information systems security policies are pointed out in literature as one of the main controls to be applied by organizations for protecting their information systems. Despite this, it has been observed that, in several sectors of activity, the number of organizations having adopted that control is...

ver descrição completa

Detalhes bibliográficos
Autor principal: Lopes, Isabel Maria (author)
Outros Autores: Sá-Soares, Filipe de (author)
Formato: article
Idioma:eng
Publicado em: 2015
Assuntos:
Information systems security policies adoption
Information systems security
Institutionalization
Institutional theory
Texto completo:http://hdl.handle.net/10198/11573
País:Portugal
Oai:oai:bibliotecadigital.ipb.pt:10198/11573
Descrição
Resumo:Information systems security policies are pointed out in literature as one of the main controls to be applied by organizations for protecting their information systems. Despite this, it has been observed that, in several sectors of activity, the number of organizations having adopted that control is low. This study aimed to identify the factors which condition the adoption of information systems security policies by organizations. Methodologically, the study involved interviewing the officials in charge of information systems in 44 Town Councils in Portugal. The factors facilitating and inhibiting the adoption of information systems security policies are presented and discussed. Based on these factors, a set of recommendations to enhance the adoption of information systems security policies is proposed. The study used Institutional Theory as a theoretical framework.

Registros relacionados