Skip to main content

A STOPE model for the investigation of compliance with ISO 17799-2005

Buy Article:

$54.08 plus tax (Refund Policy)


Purpose ‐ With the widespread of e-services, provided by different organizations at the internal intranet level, the business extranet level, and the public internet level, compliance with international information security management standards is becoming of increasing importance for establishing a common and safe environment for such services. The purpose of this paper is to examine the development of a mathematical model that enables the investigation of compliance of organizations with the widely acknowledged international information security management standard ISO 17799-2005. Design/methodology/approach ‐ The model is based on the strategy, technology, organization, people and environment ‐ STOPE ‐ framework that provides an integrated well-structured view of the various factors involved. The paper addresses the use of the model for practical investigations; it describes a practical example illustrating possible practical results. Findings ‐ The results show the strengths and the weaknesses of compliance, with the standard, at different levels: from the level of the measures associated with each of the "131" standard protection controls, up to the level of the STOPE domains. Originality/value ‐ The paper addresses the use of a mathematical model for practical investigations of compliance with the international information security management standard.

Keywords: Data security; International standards

Document Type: Research Article


Publication date: August 21, 2007

Access Key

Free Content
Free content
New Content
New content
Open Access Content
Open access content
Partial Open Access Content
Partial Open access content
Subscribed Content
Subscribed content
Free Trial Content
Free trial content
Cookie Policy
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more