Publicação
Applying action research in the adoption of information systems security policies
| Resumo: | Information Systems Security (ISS) is a critical issue for a wide range of organizations. This paper focuses on organizations belonging to a particular sector, namely Local Public Administration, where public and personal information must be protected by those in charge, and where there must be a concern to view security as a priority. There are several measures which can be implemented in order to ensure the effective protection of information assets, among which stands out the adoption of ISS policies. A recent census concluded that among the 308 Town Councils in Portugal, only 38 indicated to have an ISS policy. The conclusion drawn from that study was that the adoption of ISS policies has not become a reality yet. As an attempt to mitigate this fact, an academic-practitioner collaboration effort was established regarding the implementation of ISS policies in three Town Councils. These interventions were conceived as Action Research projects. This article aims to constitute an empirical study on the applicability of the Action Research method in information systems, more specifically through the implementation of an ISS policy in Town Councils where previous attempts to adopt a policy have failed. The research question we intend to answer is to what extent this research method is adequate to reach the proposed goal. The results of the study suggest that Action Research is a promising means for the institutionalization of ISS policies adoption. It can both act as a research method, improving the understanding among researchers about the issues that hinder such adoption, and as a change method, assisting practitioners to overcome barriers that have prevented the implementation of ISS policies. |
|---|---|
| Autores principais: | Lopes, Isabel Maria |
| Outros Autores: | Sá-Soares, Filipe de |
| Assunto: | Action research Information Systems Security Policies |
| Ano: | 2013 |
| País: | Portugal |
| Tipo de documento: | comunicação em conferência |
| Tipo de acesso: | acesso aberto |
| Instituição associada: | Instituto Politécnico de Bragança |
| Idioma: | inglês |
| Origem: | Biblioteca Digital do IPB |
Registos relacionados
Applying action research in the adoption of information systems security policies
por: Lopes, Isabel
Publicado em: (2013)
por: Lopes, Isabel
Publicado em: (2013)
Applying action research in the formulation of information security policies
por: Lopes, Isabel Maria
Publicado em: (2015)
por: Lopes, Isabel Maria
Publicado em: (2015)
Implementation of an information systems security policy: action research
por: Lopes, Isabel Maria
Publicado em: (2014)
por: Lopes, Isabel Maria
Publicado em: (2014)
Evaluation of the adoption of an information systems security policy
por: Lopes, Isabel Maria
Publicado em: (2015)
por: Lopes, Isabel Maria
Publicado em: (2015)
Adoption of an information systems security policy in small and medium sized enterprises
por: Lopes, Isabel Maria
Publicado em: (2016)
por: Lopes, Isabel Maria
Publicado em: (2016)
Institutionalization of information systems security policies adoption: factors and guidelines
por: Lopes, Isabel Maria
Publicado em: (2014)
por: Lopes, Isabel Maria
Publicado em: (2014)
Information systems security policies adoption: an institutional theory view
por: Lopes, Isabel Maria
Publicado em: (2014)
por: Lopes, Isabel Maria
Publicado em: (2014)
Institutionalization of information systems security policies adoption: factors and guidelines
por: Lopes, Isabel Maria
Publicado em: (2014)
por: Lopes, Isabel Maria
Publicado em: (2014)
Definition of information systems security policies
por: Lopes, Isabel Maria
Publicado em: (2017)
por: Lopes, Isabel Maria
Publicado em: (2017)
Information systems security policies adoption: an institutional theory view
por: Lopes, Isabel
Publicado em: (2014)
por: Lopes, Isabel
Publicado em: (2014)
Information systems security policies : a survey in portuguese public administration
por: Lopes, Isabel Maria
Publicado em: (2010)
por: Lopes, Isabel Maria
Publicado em: (2010)
Information systems security policies: a survey in Portuguese public administration
por: Lopes, Isabel Maria
Publicado em: (2010)
por: Lopes, Isabel Maria
Publicado em: (2010)
The security policy application process: action research
por: Lopes, Isabel Maria
Publicado em: (2016)
por: Lopes, Isabel Maria
Publicado em: (2016)
Implementation of information systems security policies: a survey in small and medium sized enterprises
por: Lopes, Isabel Maria
Publicado em: (2015)
por: Lopes, Isabel Maria
Publicado em: (2015)
Adoption of information sistems security policies in Mozambican universities
por: Lopes, Isabel Maria
Publicado em: (2018)
por: Lopes, Isabel Maria
Publicado em: (2018)
Information security policies: a content analysis
por: Lopes, Isabel Maria
Publicado em: (2012)
por: Lopes, Isabel Maria
Publicado em: (2012)
Architecture of information security policies: a content analysis
por: Lopes, Isabel Maria
Publicado em: (2016)
por: Lopes, Isabel Maria
Publicado em: (2016)
Information systems security policies in the local public administration in Portugal
por: Lopes, Isabel Maria
Publicado em: (2009)
por: Lopes, Isabel Maria
Publicado em: (2009)
Promoting communication skills for information systems students in Australian and Portuguese higher education : action research study
por: Isaias, Pedro
Publicado em: (2014)
por: Isaias, Pedro
Publicado em: (2014)
Injecting security into information systems development
por: Lapke, Michael
Publicado em: (2010)
por: Lapke, Michael
Publicado em: (2010)
Key issues in information systems security management
por: Polónia, Fernando
Publicado em: (2013)
por: Polónia, Fernando
Publicado em: (2013)
Information security policies: a content analysis
por: Lopes, Isabel Maria
Publicado em: (2012)
por: Lopes, Isabel Maria
Publicado em: (2012)
Information security on Portuguese statutory auditors firms
por: Lima, I.
Publicado em: (2020)
por: Lima, I.
Publicado em: (2020)
Information systems security outsourcing key issues: a service providers' perspective
por: Pereira, Luís
Publicado em: (2012)
por: Pereira, Luís
Publicado em: (2012)
Information systems security outsourcing key issues: a service providers’ perspective
por: Pereira, Luís Filipe Xavier
Publicado em: (2011)
por: Pereira, Luís Filipe Xavier
Publicado em: (2011)
Product information management for complex modular security systems
por: Matos, Alexandra Isabel de Sousa
Publicado em: (2021)
por: Matos, Alexandra Isabel de Sousa
Publicado em: (2021)
Information systems security management key issues in local government
por: Soares, Delfina de Sá
Publicado em: (2014)
por: Soares, Delfina de Sá
Publicado em: (2014)
Factores críticos de sucesso para a Implementação de uma política de segurança em clínicas de saúde
por: Lopes, Isabel Maria
Publicado em: (2015)
por: Lopes, Isabel Maria
Publicado em: (2015)
A preventive action management platform in healthcare information systems
por: Peixoto, Hugo
Publicado em: (2015)
por: Peixoto, Hugo
Publicado em: (2015)
Information security threat assessment using social engineering in the organizational context: literature review
por: Lopes, António
Publicado em: (2022)
por: Lopes, António
Publicado em: (2022)
Information security threat assessment using social engineering in the organizational context: literature review
por: Lopes, António
Publicado em: (2022)
por: Lopes, António
Publicado em: (2022)
ScheduleIT - open-source preventive actions management platform in healthcare information system
por: Peixoto, Hugo
Publicado em: (2012)
por: Peixoto, Hugo
Publicado em: (2012)
Looking deep at current research information systems: the information science perspective in higher education
por: Fernandes, Sofia
Publicado em: (2018)
por: Fernandes, Sofia
Publicado em: (2018)
Farming system change under different climate scenarios and its impact on food security : an analytical framework to inform adaptation policy in developing countries
por: Abbas, Máriam
Publicado em: (2023)
por: Abbas, Máriam
Publicado em: (2023)
A European Union of security and defense : seizing the moment
por: Lagarto, Beatriz Moura
Publicado em: (2019)
por: Lagarto, Beatriz Moura
Publicado em: (2019)
Action, design & research: A process meta-model
por: Henriques, T.
Publicado em: (2020)
por: Henriques, T.
Publicado em: (2020)
Understanding information security culture: a survey in small and medium sized enterprises
por: Lopes, Isabel Maria
Publicado em: (2014)
por: Lopes, Isabel Maria
Publicado em: (2014)
A meta-analysis of information systems research diversity in Portugal
por: Esteves, José
Publicado em: (2003)
por: Esteves, José
Publicado em: (2003)
Territoriality and Health Policy: Contributions to Research and Action
por: Chiara,Magdalena
Publicado em: (2016)
por: Chiara,Magdalena
Publicado em: (2016)
Territoriality and Health Policy: Contributions to Research and Action
por: Chiara, Magdalena
Publicado em: (2016)
por: Chiara, Magdalena
Publicado em: (2016)