Files

Abstract

This paper presents the results of an empirical investigation concerning the approaches adopted by Italian companies in dealing with information security issues. Such results are compared to an ideal, integrated information system planning approach where information needs and risk management are jointly taken into account. Data analysis shows that respondents ascribe to information security a rather high relevance for their business, and there is a formal conformity of business practices to the phases included in the proposed model, especially as far as high level, conceptual activities are concerned. Despite that, in the companies which have been examined, security systems appear to be still inadequate, especially as far as organizational issues are concerned.

Details

PDF

Statistics

from
to
Export
Download Full History