Information Security Policy: a contribution to the establishment of a minimum standard (original) (raw)

Abstract

This work aims to identify the elements that should comprise a minimum standard for information security policy of an organization. Seeks to answer the following research question: "What are the elements that should comprise a minimum standard for information security policy of an organization?” The structured process of information security is increasingly required for organizations and politics is a mandatory element of this process. Organizations that have deployed security policy information using a subset of the requirements of ISO / IEC 27002:2005. The large number of requirements of the standard creates difficulties for organizations that are in the initial stage of information security and must develop their policies. The existence of a minimum standard will help these organizations. The methodology used in this study reviews the literature on the subject of information security policy considering academic and business sources, the theoretical study of this issue and th...

Edison Fontes hasn't uploaded this paper.

Let Edison know you want this paper to be uploaded.

Ask for this paper to be uploaded.