A specification for an information security management system which is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization’s information risk management processes.
Published in Chapter:
Information Security Awareness in Tourism Enterprises: Case of Turkish Manager Opinions
Kamil Yağcı (Pamukkale University, Turkey), Süreyya Akçay (Gazi University, Turkey), Mahmut Efendi (Adnan Menderes University, Turkey), and Hande Mutlu Öztürk (Pamukkale University, Turkey)
Copyright: © 2020
|Pages: 17
DOI: 10.4018/978-1-7998-3030-6.ch015
Abstract
With the increase in information technology use, problems related to the security of these technologies have become significant. Businesses are required to acquire information, use information technologies, and rely on the information they collected to continue their presence. The requirement of information technology use and related security problems cannot be ignored by both individuals and businesses. One of the industries with large data pools is the tourism industry. Thus, the protection of personal or corporate information is a process that should be managed especially for businesses. In order for this management process to be successful, it is necessary for the corporations to have security policies that are supported by the senior management, possible to implement and understand, and accepted at all corporate levels. Thus, the present study aimed to explain the significance of information security, especially the security of the information in the tourism industry, which is as an important part of the service industry.