1、2850 英文单词,英文单词,1.6 万英文字符万英文字符,中文中文 5500 字字 文献出处:文献出处:Alqahtani F H. Developing an information security policy: a case study approachJ. Procedia Computer Science, 2017, 124: 691-697. Developing an Information Security Policy: A Case Study Approach Fayez Hussain Alqahtani Abstract Organisational infor
2、mation and data must be protected from active and passive attacks and secured from illegal access, unwanted interruption, unauthorised alteration or annihilation. Many organisations fall victim to such attacks due to weak information security policies (ISPs). Also, disrupting these IS policies by IT
3、 users makes organisations under information security threats. This study explored the implementation of ISPs within a large organisation to evaluate policy adequacy and to determine user awareness and compliance with such policies. Employing a case study approach, this research found that the infor
4、mation security focus areas included in this organisation ISPs are password management; use of email, the Internet and social networking sites; mobile computing; and information handling. However, the maturity levels of these elements varied among focus areas due to a lack of ISP awareness and compliance among users. Keywords: Information Security; Information Security Policy; IS Awareness; ISP Maturity; Case Study. 1. Introduction Information security (IS) remains one of the critical concern
