Näytä suppeat kuvailutiedot

dc.contributor.authorPaananen, Hanna
dc.contributor.authorSiponen, Mikko
dc.date.accessioned2024-01-10T09:37:43Z
dc.date.available2024-01-10T09:37:43Z
dc.date.issued2023
dc.identifier.citationPaananen, H., & Siponen, M. (2023). Organization Members Developing Information Security Policies : a Case Study. In <i>ICIS 2023 : Proceedings of the International Conference on Information Systems</i>. Association for Information Systems. <a href="https://aisel.aisnet.org/icis2023/cyber_security/cyber_security/14/" target="_blank">https://aisel.aisnet.org/icis2023/cyber_security/cyber_security/14/</a>
dc.identifier.otherCONVID_194657310
dc.identifier.urihttps://jyx.jyu.fi/handle/123456789/92632
dc.description.abstractInformation security policies (ISPs) have a key role in organizational information security. Research has introduced processes for ISP development, including lifecycle models. There are also recommendations to include contextual issues in the ISP development to ensure that the ISP provides tailored protection to the organization’s assets. One way of ensuring this is to include organization members in the development efforts. We identified six functions for the organization member participation from the research literature. Then, we presented two case studies of organizations where the personnel was included in the ISP development process. We found that the participation of the organization members did add value to the process through these functions but that there were also some negative effects. The inclusion of organization members in ISP development can help in gathering feedback directly at the beginning of the lifecycle without the need to go through the entire cycle to identify issues.en
dc.format.mimetypeapplication/pdf
dc.language.isoeng
dc.publisherAssociation for Information Systems
dc.relation.ispartofICIS 2023 : Proceedings of the International Conference on Information Systems
dc.relation.urihttps://aisel.aisnet.org/icis2023/cyber_security/cyber_security/14/
dc.rightsIn Copyright
dc.titleOrganization Members Developing Information Security Policies : a Case Study
dc.typeconferenceObject
dc.identifier.urnURN:NBN:fi:jyu-202401101133
dc.contributor.laitosInformaatioteknologian tiedekuntafi
dc.contributor.laitosFaculty of Information Technologyen
dc.contributor.oppiaineTutkintokoulutusfi
dc.contributor.oppiaineEmpirical Cyber Security and Software Engineeringfi
dc.contributor.oppiaineTietojärjestelmätiedefi
dc.contributor.oppiaineDegree Educationen
dc.contributor.oppiaineEmpirical Cyber Security and Software Engineeringen
dc.contributor.oppiaineInformation Systems Scienceen
dc.type.urihttp://purl.org/eprint/type/ConferencePaper
dc.relation.isbn978-1-958200-07-0
dc.type.coarhttp://purl.org/coar/resource_type/c_5794
dc.description.reviewstatuspeerReviewed
dc.relation.issn1026-1079
dc.type.versionpublishedVersion
dc.rights.copyright© Association for Information Systems
dc.rights.accesslevelopenAccessfi
dc.relation.conferenceInternational Conference on Information Systems
dc.subject.ysotapaustutkimus
dc.subject.ysokehittäminen
dc.subject.ysokyberturvallisuus
dc.subject.ysotietoturva
dc.subject.ysotyöntekijät
dc.subject.ysoorganisaatiot
dc.subject.ysotietoturvapolitiikka
dc.format.contentfulltext
jyx.subject.urihttp://www.yso.fi/onto/yso/p10982
jyx.subject.urihttp://www.yso.fi/onto/yso/p4230
jyx.subject.urihttp://www.yso.fi/onto/yso/p26189
jyx.subject.urihttp://www.yso.fi/onto/yso/p5479
jyx.subject.urihttp://www.yso.fi/onto/yso/p1075
jyx.subject.urihttp://www.yso.fi/onto/yso/p272
jyx.subject.urihttp://www.yso.fi/onto/yso/p25795
dc.rights.urlhttp://rightsstatements.org/page/InC/1.0/?language=en
jyx.fundinginformationTekes, New methods for developing information security policies (NM4DISP)
dc.type.okmA4


Aineistoon kuuluvat tiedostot

Thumbnail

Aineisto kuuluu seuraaviin kokoelmiin

Näytä suppeat kuvailutiedot

In Copyright
Ellei muuten mainita, aineiston lisenssi on In Copyright