메뉴 건너뛰기
Information Resources Management Journal
Volumn 18, Issue 4, 2005, Pages 21-38
Do information security policies reduce the incidence of security breaches: An exploratory analysis
Author keywords

Information security policy; Large business; Policy scope; Policy uptake; Security management
Indexed keywords

COMPUTER CRIME; COMPUTER SCIENCE; COMPUTER VIRUSES; ERROR DETECTION; INFORMATION SCIENCE; PUBLIC POLICY;
EID: 25144436981     PISSN: 10401628     EISSN: 10401628     Source Type: Journal    
DOI: 10.4018/irmj.2005100102     Document Type: Article
Times cited : (75)
References (39)
  • 1
    • 0041983747 scopus 로고    scopus 로고
    • Strategy paper
    • February
    • Arnott, S. (2002, February). Strategy paper. Computing.
    • (2002) Computing
    • Arnott, S.1
  • 3
    • 0041482690 scopus 로고    scopus 로고
    • The evaluation and certification of information security against BS 7799
    • Barnard, L. & von Solms, R. (1998). The evaluation and certification of information security against BS 7799. Information Management and Computer Security, 6(2), 72-77.
    • (1998) Information Management and Computer Security , vol.6 , Issue.2 , pp. 72-77
    • Barnard, L.1    Von Solms, R.2
  • 4
    • 84861241029 scopus 로고    scopus 로고
    • An information security policy development guide for large companies
    • Canavan, S. (2003). An information security policy development guide for large companies. SANS Institute. Retrieved from http://www.SANS.org
    • (2003) SANS Institute
    • Canavan, S.1
  • 5
    • 0036398120 scopus 로고    scopus 로고
    • Policy enforcement in the workplace
    • David, J. (2002). Policy enforcement in the workplace. Computers and Security, 27(6), 506-513.
    • (2002) Computers and Security , vol.27 , Issue.6 , pp. 506-513
    • David, J.1
  • 6
    • 25144521712 scopus 로고    scopus 로고
    • Taking responsibility for worms and viruses
    • De Campeaux, D. (2002). Taking responsibility for worms and viruses. Communications of the ACM, 45(4), 15-16.
    • (2002) Communications of the ACM , vol.45 , Issue.4 , pp. 15-16
    • De Campeaux, D.1
  • 12
    • 0042363355 scopus 로고    scopus 로고
    • The application of information security policies in large UK-based organizations
    • Fulford, H. & Doherty, N.F. (2003). The application of information security policies in large UK-based organizations. Information Management and Computer Security, 11(3), 106-114.
    • (2003) Information Management and Computer Security , vol.11 , Issue.3 , pp. 106-114
    • Fulford, H.1    Doherty, N.F.2
  • 15
    • 0027853605 scopus 로고
    • Measuring the value of information: The information intensive organization
    • Glazer, R. (1993). Measuring the value of information: The information intensive organization. IBM Systems Journal., 32(1), 99-110.
    • (1993) IBM Systems Journal , vol.32 , Issue.1 , pp. 99-110
    • Glazer, R.1
  • 16
    • 0041482688 scopus 로고    scopus 로고
    • Corporate system security: Towards an integrated management approach
    • Higgins, H.N. (1999). Corporate system security: Towards an integrated management approach. Information Management and Computer Security, 7(5), 217-222.
    • (1999) Information Management and Computer Security , vol.7 , Issue.5 , pp. 217-222
    • Higgins, H.N.1
  • 17
    • 0036299585 scopus 로고    scopus 로고
    • Security surveys spring crop
    • Hinde, S. (2002). Security surveys spring crop. Computers and Security, 21(4), 310-321.
    • (2002) Computers and Security , vol.21 , Issue.4 , pp. 310-321
    • Hinde, S.1
  • 18
    • 0037565614 scopus 로고    scopus 로고
    • Cyber-terrorism in context
    • Hinde, S. (2003). Cyber-terrorism in context. Computers and Security, 22(3), 188-192.
    • (2003) Computers and Security , vol.22 , Issue.3 , pp. 188-192
    • Hinde, S.1
  • 19
    • 0036330173 scopus 로고    scopus 로고
    • Information security policy: What do international security standards say
    • Hone, K. & Eloff, J.H.P. (2002a). Information security policy: What do international security standards say. Computers & Security, 21(5), 402-409.
    • (2002) Computers & Security , vol.21 , Issue.5 , pp. 402-409
    • Hone, K.1    Eloff, J.H.P.2
  • 20
    • 0036613095 scopus 로고    scopus 로고
    • What makes an effective information security policy
    • Hone, K. & Eloff, J.H.P. (2002b). What makes an effective information security policy. Network Security, 20(6), 14-16.
    • (2002) Network Security , vol.20 , Issue.6 , pp. 14-16
    • Hone, K.1    Eloff, J.H.P.2
  • 23
    • 1242263532 scopus 로고    scopus 로고
    • Why there aren't more information security research studies
    • Kotulic, A.G. & Clark, J.G. (2004). Why there aren't more information security research studies. Information & Management, 41, 5907-607.
    • (2004) Information & Management , vol.41 , pp. 5907-6607
    • Kotulic, A.G.1    Clark, J.G.2
  • 26
    • 0000133760 scopus 로고
    • Threats to information systems: Today's reality, yesterday's understanding
    • Loch, K.D., Carr, H.H., & Warkentin, M.E. (1992). Threats to information systems: Today's reality, yesterday's understanding. MIS Quarterly, 16(2), 173-186.
    • (1992) MIS Quarterly , vol.16 , Issue.2 , pp. 173-186
    • Loch, K.D.1    Carr, H.H.2    Warkentin, M.E.3
  • 27
    • 25144472614 scopus 로고
    • Information systems security
    • J. Peppard (Ed.). London: Pitman Publishing
    • Menzies, R. (1993). Information systems security. In J. Peppard (Ed.), IT strategy for business. London: Pitman Publishing.
    • (1993) IT Strategy for Business
    • Menzies, R.1
  • 29
    • 0003724905 scopus 로고
    • Information systems security: Scope, state of the art and evaluation of techniques
    • Pernul, G. (1995). Information systems security: Scope, state of the art and evaluation of techniques. International Journal of Information Management, 75(3), 165-180.
    • (1995) International Journal of Information Management , vol.75 , Issue.3 , pp. 165-180
    • Pernul, G.1
  • 31
    • 0001775054 scopus 로고
    • An empirical assessment of information systems planning and the role of information systems in organizations
    • Premkumar, G. & King, W.R. (1992). An empirical assessment of information systems planning and the role of information systems in organizations. Journal of Management Information Systems, 19(2), 99-125.
    • (1992) Journal of Management Information Systems , vol.19 , Issue.2 , pp. 99-125
    • Premkumar, G.1    King, W.R.2
  • 34
    • 0001133137 scopus 로고    scopus 로고
    • Coping with systems risk: Security planning models for management decision making
    • Straub, D.W. & Welke, R.J. (1998). Coping with systems risk: Security planning models for management decision making. MIS Quarterly, 22(4), 441-470.
    • (1998) MIS Quarterly , vol.22 , Issue.4 , pp. 441-470
    • Straub, D.W.1    Welke, R.J.2
  • 35
    • 3042812983 scopus 로고    scopus 로고
    • The ten deadly sins of information security management
    • von Solms, B. & von Solms, R. (2004). The ten deadly sins of information security management. Computers & Security, 23, 371-376.
    • (2004) Computers & Security , vol.23 , pp. 371-376
    • Von Solms, B.1    Von Solms, R.2
  • 37
    • 1242265154 scopus 로고    scopus 로고
    • In defense of the realm: Understanding threats to information security
    • Whitman. (2004). In defense of the realm: Understanding threats to information security. International Journal of Information Management, 24, 3-4.
    • (2004) International Journal of Information Management , vol.24 , pp. 3-4
    • Whitman1
  • 38
    • 0000613590 scopus 로고    scopus 로고
    • Writing infosec policies
    • Wood, C.C. (1996). Writing infosec policies. Computers & Security, 14(8), 667-674.
    • (1996) Computers & Security , vol.14 , Issue.8 , pp. 667-674
    • Wood, C.C.1
  • 39
    • 18844458431 scopus 로고    scopus 로고
    • An unappreciated reason why information security policies fail
    • Wood, C.C. (2000). An unappreciated reason why information security policies fail. Computer Fraud & Security, 10, 13-14.
    • (2000) Computer Fraud & Security , vol.10 , pp. 13-14
    • Wood, C.C.1

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.