A Conceptual Analysis about the Organizational Impact of Compliance on Information Systems Security

Maurizio Cavallari

Risultato della ricerca: Contributo in libroChapter

6 Citazioni (Scopus)

Abstract

Protection of data and information security are crucial to business processes and include technical, sociological and organizational aspects. The purpose of this paper is to explore the importance of information security policy and organizational compliance within a socio-technical framework. Citing some of the major compliance acts in the United States, this paper examines how the need arose for information security compliance and the antecedents that made compliance mandatory for organizations. This would apply to any organization, in whichever other country, within its legal compliance framework. A discussion follows to help shed light on how both individual employees and the organization as a whole often fail to implement a satisfactory compliance initiative. Finally, the research presents a set of key factors that influence successful implementation of information system security Compliance into the information security policy (ISP), along with what actions should be taken to make compliance a competitive advantage for the organization, taking advantage of the particular relationship between compliance and ISP.
Lingua originaleEnglish
Titolo della pubblicazione ospiteExploring Service Science - IESS 2012
EditorMehdi Snene
Pagine101-114
Numero di pagine14
DOI
Stato di pubblicazionePubblicato - 2012

Keywords

  • ISP
  • ISS
  • compliance
  • information systems
  • security

Fingerprint

Entra nei temi di ricerca di 'A Conceptual Analysis about the Organizational Impact of Compliance on Information Systems Security'. Insieme formano una fingerprint unica.

Cita questo