Welcome to the InfoSci Platform
The Risks Associated With ITIL Information Security Management in Micro Companies

The Risks Associated With ITIL Information Security Management in Micro Companies

Sérgio Sargo Lopes, Mário Dias Lousã, Fernando Almeida
Copyright: © 2023 |Pages: 36
ISBN13: 9781668465813|ISBN10: 1668465817|ISBN13 Softcover: 9781668465820|EISBN13: 9781668465837
DOI: 10.4018/978-1-6684-6581-3.ch001
Cite Chapter Cite Chapter

MLA

Lopes, Sérgio Sargo, et al. "The Risks Associated With ITIL Information Security Management in Micro Companies." Fraud Prevention, Confidentiality, and Data Security for Modern Businesses, edited by Arshi Naim, et al., IGI Global, 2023, pp. 1-36. https://doi.org/10.4018/978-1-6684-6581-3.ch001

APA

Lopes, S. S., Lousã, M. D., & Almeida, F. (2023). The Risks Associated With ITIL Information Security Management in Micro Companies. In A. Naim, P. Malik, & F. Zaidi (Eds.), Fraud Prevention, Confidentiality, and Data Security for Modern Businesses (pp. 1-36). IGI Global. https://doi.org/10.4018/978-1-6684-6581-3.ch001

Chicago

Lopes, Sérgio Sargo, Mário Dias Lousã, and Fernando Almeida. "The Risks Associated With ITIL Information Security Management in Micro Companies." In Fraud Prevention, Confidentiality, and Data Security for Modern Businesses, edited by Arshi Naim, Praveen Kumar Malik, and Firasat Ali Zaidi, 1-36. Hershey, PA: IGI Global, 2023. https://doi.org/10.4018/978-1-6684-6581-3.ch001

Export Reference

Mendeley
Favorite

Abstract

Information security has become a necessity for all organizations. ITIL, designed for large organizations, has also been gradually adopted by smaller companies and has incorporated practices related to information security management (ISM). This study aims to understand the main risks associated with ISM, considering the context of micro companies. For this purpose, a qualitative model was built based on four case studies of micro companies in the information technology industry. The results show that companies are concerned about information security, given the growth of external threats. However, these companies have a lack of commitment, of resources, and of knowledge that hinder the implementation of an ISM policy. Therefore, it is evident that the challenge of ISM is demanding and should be addressed, considering that the security of an organization should be analyzed in a holistic context, where all perspectives should be considered to reflect the multidisciplinary nature of security.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.