Exploring the Effectiveness of Information Security Policies

Exploring the Effectiveness of Information Security Policies

Neil F. Doherty (Loughborough University, UK) and Heather Fulford (Loughborough University, UK)
Copyright: © 2007 |Pages: 24
DOI: 10.4018/978-1-59904-286-2.ch003
OnDemand PDF Download:


Ensuring the security of corporate information assets has become an extremely complex, challenging and high-priority activity, due partly to their growing organizational importance, but also because of their increasing vulnerability to attacks from viruses, hackers, criminals, and human error. Consequently, organizations are having to prioritise the security of their computer systems, to ensure that their information assets retain their accuracy, confidentiality, and availability. Whilst the importance of the information security policy (InSPy) in ensuring the security of information is widely acknowledged, there has, to date, been little empirical analysis of its impact or effectiveness in this role. To help fill this gap an exploratory study was initiated that sought to investigate the relationship between the uptake and application of information security policies and the accompanying levels of security breaches. To this end a questionnaire was designed, validated, and then targeted at IT managers within large organisations in the United Kingdom. The findings, presented in this chapter, are somewhat surprising, as they show no statistically significant relationships between the adoption of information security policies and the incidence or severity of security breaches. The chapter concludes by exploring the possible interpretations of this unexpected finding, and its implications for the practice of information security management.

Complete Chapter List

Search this Book:
Table of Contents
Mehdi Khosrow-Pour
Chapter 1
Tanya Bondarouk, Klaas Sikkel
The starting point of this chapter is the belief that it is neither the quality of the technology, nor that of the individual users, but the... Sample PDF
The Relevance of Learning Processes for IT Implementation
Chapter 2
Ronald Dattero, Stuart D. Galup, Jing “Jim” Quan
In this chapter, we quantify the differences in the hourly salaries of female software developers with their male counterparts using the human... Sample PDF
Salary Differences Between Male and Female Software Developers
Chapter 3
Neil F. Doherty, Heather Fulford
Ensuring the security of corporate information assets has become an extremely complex, challenging and high-priority activity, due partly to their... Sample PDF
Exploring the Effectiveness of Information Security Policies
Chapter 4
Deirdre A. Folkers
Higher education has traditionally been very slow moving, with change being measured in years or even decades. Recently, external forces have... Sample PDF
Competing in the Marketplace: Incorporating Online Education into Higher Education
Chapter 5
Omar E.M. Khalil, Manal M. Elkordy
This chapter reports on the findings of research investigating the influence of information quality on EIS information use as well as the possible... Sample PDF
Determinant of Information Quality and Use of Executive Information Systems (EIS) in UK
Chapter 6
Ned Kock
Much of the past research on electronic communication media suggests that those media pose obstacles to communication in collaborative tasks when... Sample PDF
Evidence of Compensatory Adaptation to Unnatural Media in a Field Study of Process Redesign Dyads
Chapter 7
Laura Lally
This chapter draws upon normal accident theory and the theory of high reliability organizations to examine the potential impacts of information... Sample PDF
Information Technology as a Target, Shield, and Weapon in the Post-9/11 Environment
Chapter 8
D. Harrison McKnight, Norman L. Chervany
This study examines a model of factors influencing system troubleshooter trust in their supervisors, contrasting experiential and nonexperiential... Sample PDF
An Extended Trust Building Model: Comparing Experiential and Non-Experiential Factors
Chapter 9
Souren Paul, Carol Stoak Saunders, William David Haseman
Information acquisition and its use are frequently considered critical to the decision- making process, yet related research, especially about the... Sample PDF
A Question of Timing: Information Acquisition and Group Decision Making Performance
Chapter 10
Alan R. Peslak
Privacy on the Internet has been of increasing concern with the explosive growth of electronic commerce. A series of past surveys by the Federal... Sample PDF
Progress in Internet Privacy Policies: A Review of Survey of U.S. Companies from 1998 through 2006
Chapter 11
Margi Levy, Philip Powell, Les Worrall
Small firms’ use of e-business is limited and little is known about what drives them to embrace e-business. Using survey data from 354 small and... Sample PDF
The Relationship of Strategic Intent to the Enablers and Inhibitors of E-Business Adoption in SMEs
Chapter 12
Monideepa Tarafdar, Jie (Jennifer) Zhang
Web site usability is concerned with how easy and intuitive it is for individuals to presence, as perceived by users. The usability of Web sites is... Sample PDF
Understanding Web Site Usability: The Influence of Web Site Design Parameters
Chapter 13
Abhishek Nirjar, Andrew Tylecote
Small and medium enterprises in the Indian software development industry, like their larger counterparts, are mostly low on the value ladder. This... Sample PDF
Breaking Out of Lock-In: Insights from Case Studies into Ways to Up the Value Ladder for Indian Software SMEs
Chapter 14
Tor Guimaraes
Agent technology offers a new means of effectively managing knowledge and addresses complex decision processes which heretofore appeared... Sample PDF
Comparing Expert Systems and Agent Technology for KM
About the Editor
About the Authors