Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
10340803 | Computers & Security | 2005 | 15 Pages |
Abstract
The protection of information systems is a major problem faced by organisations. The application of a security policy is considered essential for managing the security of information systems. Implementing a successful security policy in an organisation, however, is not a straightforward task and depends on many factors. This paper explores the processes of formulating, implementing and adopting a security policy in two different organisations. A theoretical framework based on the theory of contextualism is proposed and applied in the analysis of these cases. The contextual perspective employed in this paper illuminates the dynamic nature of the application of security policies and brings forth contextual factors that affect their successful adoption.
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Maria Karyda, Evangelos Kiountouzis, Spyros Kokolakis,