Abstract
Purpose: After 15 years of research, this paper aims to present a review of the academic literature on the ISO/IEC 27001, the most renowned standard for information security and the third most widespread ISO certification. Emerging issues are reframed through the lenses of social systems thinking, deriving a theory-based research agenda to inspire interdisciplinary studies in the field.

Design/methodology/approach: The study is structured as a systematic literature review.

Findings: Research themes and sub-themes are identified on five broad research foci: relation with other standards, motivations, issues in the implementation, possible outcomes and contextual factors.

Originality/value: The study presents a structured overview of the academic body of knowledge on ISO/IEC 27001, providing solid foundations for future research on the topic. A set of research opportunities is outlined, with the aim to inspire future interdisciplinary studies at the crossroad between information security and quality management. Managers interested in the implementation of the standard and policymakers can find an overview of academic knowledge useful to inform their decisions related to implementation and regulatory activities.
Subject
Strategy and Management; General Business, Management and Accounting; Business and International Management; General Decision Sciences
Cited by
30 articles.