An information security meta‐policy for emergent organizations-Reference-Cited by-同舟云学术

An information security meta‐policy for emergent organizations

Published:2002-12-01 Issue:5/6 Volume:15 Page:337-346
ISSN:0957-6053
Container-title:Logistics Information Management
language:en
Short-container-title:

Author:

Baskerville Richard,Siponen Mikko

Abstract

There is an increasing movement towards emergent organizations and an adaptation of Web‐based information systems (IS). Such trends raise new requirements for security policy development. One such requirement is that information security policy formulation must become federated and emergent. However, existing security policy approaches do not pay much attention to policy formulation at all – much less IS policy formulation for emergent organizations. To improve the situation, an information security meta‐policy is put forth. The meta‐policy establishes how policies are created, implemented and enforced in order to assure that all policies in the organization have features to ensure swift implementation and timely, ongoing validation.

Publisher

Emerald

Subject

General Energy

Reference47 articles.

1. Abrams, M.D. and Bailey, D. (1995), “Abstraction and refinement of layered security policy”, in Abrams, M.D, Jajodia, S. and Podell, H.J. (Eds), Information Security – An integrated Collection of Essays, IEEE Computer Society Press, New York, NY.

2. Anderson, R. (1996), “A security policy model for clinical information systems”, 1996 IEEE Symposium on Security and Privacy.

3. Backhouse, J. and Dhillon, G. (1996), “Structures of responsibilities and security of information systems”, European Journal of Information Systems, Vol. 5 No. 1, pp. 2‐10.

4. Baskerville, R. (1992), “The developmental duality of information systems security”, Journal of Management Systems, Vol. 4 No. 1, pp. 1‐12.

5. Baskerville, R. (1993), “Information systems security design methods: implications for information systems development”, ACM Computing Surveys, Vol. 25 No. 4, December, pp. 375‐414.

Cited by 87 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Incorrect compliance and correct noncompliance with information security policies: A framework of rule-related information security behaviour;Computers & Security;2024-10

2. Reducing fraud in organizations through information security policy compliance: An information security controls perspective;Computers & Security;2024-09

3. Bureaucracies in information securing: Transitioning from iron cages to iron shields;Information and Organization;2024-09

4. Synthesizing Information Security Policy Compliance And Non-compliance: A Comprehensive Study And Unified Framework;Journal of Organizational Computing and Electronic Commerce;2024-07-24

5. A field experiment on ISP training designs for enhancing employee information security compliance;European Journal of Information Systems;2024-06-03