學術產出-Periodical Articles

Article View/Open

Publication Export

Google ScholarTM

政大圖書館

Citation Infomation

題名 An empirical study of information security policy on information security elevation in Taiwan
作者 Hong, Kwo-Shing; Chi, Yen-Ping;Chao, Louis R;Tang, Jih-Hsing
季延平
貢獻者 資管系
關鍵詞 Data security; Security products; Critical path analysis
日期 2006
上傳時間 14-Jan-2015 15:54:50 (UTC+8)
摘要 With the popularity of e-commerce, information security is vital to most organizations. For managers, building and implementing an information security policy (ISP) has long been assumed to be an effective managerial measure to elevate an organization`s security level. This paper attempts to investigate the dominant factors for an organization to build an ISP, and whether an ISP may elevate an organization`s security level. A survey was designed and the data were collected from 165 chief information officers in Taiwan. The empirical results show that some organizational characteristics (business type and MIS/IS department size) might be good predictors for the ISP adoption and that the functions, contents, implementation and procedures of an ISP may significantly contribute to managers` perceived elevation of information security. Building or adopting an ISP is examined empirically to be an effective managerial measure to elevate its security level in Taiwan, and the building of an information security should focus on the comprehensiveness of its contents, procedures and implementation items, rather than on the documents only. Few empirical studies have been conducted so far to examine the effectiveness of an ISP, thus the value of this paper is high
關聯 Information Management & Computer Security, 14(2), 104-115
資料類型 article
DOI http://dx.doi.org/10.1108/09685220610655861
dc.contributor 資管系-
dc.creator (作者) Hong, Kwo-Shing; Chi, Yen-Ping;Chao, Louis R;Tang, Jih-Hsing-
dc.creator (作者) 季延平-
dc.date (日期) 2006-
dc.date.accessioned 14-Jan-2015 15:54:50 (UTC+8)-
dc.date.available 14-Jan-2015 15:54:50 (UTC+8)-
dc.date.issued (上傳時間) 14-Jan-2015 15:54:50 (UTC+8)-
dc.identifier.uri (URI) http://140.119.115.13/handle/140.119/72875-
dc.description.abstract (摘要) With the popularity of e-commerce, information security is vital to most organizations. For managers, building and implementing an information security policy (ISP) has long been assumed to be an effective managerial measure to elevate an organization`s security level. This paper attempts to investigate the dominant factors for an organization to build an ISP, and whether an ISP may elevate an organization`s security level. A survey was designed and the data were collected from 165 chief information officers in Taiwan. The empirical results show that some organizational characteristics (business type and MIS/IS department size) might be good predictors for the ISP adoption and that the functions, contents, implementation and procedures of an ISP may significantly contribute to managers` perceived elevation of information security. Building or adopting an ISP is examined empirically to be an effective managerial measure to elevate its security level in Taiwan, and the building of an information security should focus on the comprehensiveness of its contents, procedures and implementation items, rather than on the documents only. Few empirical studies have been conducted so far to examine the effectiveness of an ISP, thus the value of this paper is high-
dc.format.extent 91593 bytes-
dc.format.mimetype application/pdf-
dc.relation (關聯) Information Management & Computer Security, 14(2), 104-115-
dc.subject (關鍵詞) Data security; Security products; Critical path analysis-
dc.title (題名) An empirical study of information security policy on information security elevation in Taiwan-
dc.type (資料類型) articleen
dc.identifier.doi (DOI) 10.1108/09685220610655861en_US
dc.doi.uri (DOI) http://dx.doi.org/10.1108/09685220610655861 en_US