Skip to main content

Implementation and effectiveness of organizational information security measures

Buy Article:

$54.08 plus tax (Refund Policy)

Abstract:

Purpose ‐ The purpose of this paper is to study the implementation of organizational information security measures and assess the effectiveness of such measures. Design/methodology/approach ‐ A survey was designed and data were collected from information security managers in a selection of Norwegian organizations. Findings ‐ Technical-administrative security measures such as security policies, procedures and methods are the most commonly implemented organizational information security measures in a sample of Norwegian organizations. Awareness-creating activities are applied by the organizations to a considerably lesser extent, but are at the same time these are assessed as being more effective organizational measures than technical-administrative ones. Consequently, the study shows an inverse relationship between the implementation of organizational information security measures and assessed effectiveness of the organizational information security measures. Originality/value ‐ Provides insight into the non-technological side of information security. While most other studies look at the effectiveness of single organizational security measures, the present study considers combinations of organizational security measures.

Keywords: Data security; Norway; Organizations

Document Type: Research Article

DOI: http://dx.doi.org/10.1108/09685220810908796

Publication date: October 10, 2008

mcb/046/2008/00000016/00000004/art00004
dcterms_title,dcterms_description,pub_keyword
6
5
20
40
5

Access Key

Free Content
Free content
New Content
New content
Open Access Content
Open access content
Subscribed Content
Subscribed content
Free Trial Content
Free trial content
Cookie Policy
X
Cookie Policy
ingentaconnect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more