Information Security Policies in Large Organizations

2008 ◽  
pp. 2727-2744
Author(s):  
Neil F. Doherty ◽  
Heather Fulford

While the importance of the information security policy (ISP) is widely acknowledged in the academic literature, there has, to date, been little empirical analysis of its impact. To help fill this gap a study was initiated that sought to explore the relationship between the uptake, scope and dissemination of information security policies and the accompanying levels of security breaches. To this end, a questionnaire was designed, validated and then targeted at IT managers within large organisations in the United Kingdom. The aim of this chapter is to provide a progress report on this study by describing the objectives of the research and the design of the conceptual framework.



Author(s):  
Neil F. Doherty ◽  
Heather Fulford

Ensuring the security of corporate information assets has become an extremely complex, challenging and high-priority activity, due partly to their growing organizational importance, but also because of their increasing vulnerability to attacks from viruses, hackers, criminals, and human error. Consequently, organizations are having to prioritise the security of their computer systems, to ensure that their information assets retain their accuracy, confidentiality, and availability. Whilst the importance of the information security policy (InSPy) in ensuring the security of information is widely acknowledged, there has, to date, been little empirical analysis of its impact or effectiveness in this role. To help fill this gap an exploratory study was initiated that sought to investigate the relationship between the uptake and application of information security policies and the accompanying levels of security breaches. To this end a questionnaire was designed, validated, and then targeted at IT managers within large organisations in the United Kingdom. The findings, presented in this chapter, are somewhat surprising, as they show no statistically significant relationships between the adoption of information security policies and the incidence or severity of security breaches. The chapter concludes by exploring the possible interpretations of this unexpected finding, and its implications for the practice of information security management.


Author(s):  
Neil F. Doherty

Information is a critical corporate asset that has become increasingly vulnerable to attacks from viruses, hackers, criminals, and human error. Consequently, organizations are having to prioritize the security of their computer systems in order to ensure that their information assets retain their accuracy, confidentiality, and availability. While the importance of the information security policy (InSPy) in ensuring the security of information is acknowledged widely, to date there has been little empirical analysis of its impact or effectiveness in this role. To help fill this gap, an exploratory study was initiated that sought to investigate the relationship between the uptake and application of information security policies and the accompanying levels of security breaches. To this end, a questionnaire was designed, validated, and then targeted at IT managers within large organizations in the UK. The findings presented in this chapter are somewhat surprising, as they show no statistically significant relationships between the adoption of information security policies and the incidence or severity of security breaches. The chapter concludes by exploring the possible interpretations of this unexpected finding and its implications for the practice of information security management.


Author(s):  
Neil F. Doherty ◽  
Heather Fulford

Information is a critical corporate asset that has become increasingly vulnerable to attacks from viruses, hackers, criminals, and human error. Consequently, organizations are having to prioritize the security of their computer systems in order to ensure that their information assets retain their accuracy, confidentiality, and availability. While the importance of the information security policy (InSPy) in ensuring the security of information is acknowledged widely, to date there has been little empirical analysis of its impact or effectiveness in this role. To help fill this gap, an exploratory study was initiated that sought to investigate the relationship between the uptake and application of information security policies and the accompanying levels of security breaches. To this end, a questionnaire was designed, validated, and then targeted at IT managers within large organizations in the UK. The findings presented in this paper are somewhat surprising, as they show no statistically significant relationships between the adoption of information security policies and the incidence or severity of security breaches. The paper concludes by exploring the possible interpretations of this unexpected finding and its implications for the practice of information security management.


Author(s):  
Elizabeth Yardley

As our interactions with others become ever more mediated by various forms of electronic communication, the relationship between crime and technology is becoming an increasingly important topic for both theoretical and practical studies of criminology. This book analyses digital communications as they play a part in contemporary homicide, drawing on a range of cases from the United Kingdom and elsewhere in the world — cases where killers confessed on social media, for example, or where their actions were traced using their digital communications. Offering a groundbreaking conceptual framework for people studying this issue, the book will be of great value to criminologists, students, and police officers.


2020 ◽  
Vol 12 (7) ◽  
pp. 2916 ◽  
Author(s):  
Yung Chang Wu ◽  
Rui Sun ◽  
Yenchun Jim Wu

A smart city is developed through the Internet of Things (IoT), cloud computing, big data, mobile Internet, and other new generation technologies regarding information and communication, and data resources in various fields are integrated and applied. The issue of information security in the network era is the strategic focus, as well as the focus of people’s attention, during Taiwan’s smart city construction. Information security policies are the information security guidelines for organizations, and are key to the organization’s information security performance; moreover, such policies show the organization’s support and commitment to the information security of smart cities. This paper discusses the model of information security policy in Taiwan’s smart cities, uses Path Analysis to explore the characteristics of information security policy in smart cities, and examines the relationship between the formulation, implementation, maintenance, and effectiveness of information security policies. Furthermore, this study examines the impact on the effectiveness of organizational information security policies and information security performance from the following aspects: The length of information security policy publication time, policy review, policy advocacy, employee compliance, fair law enforcement, etc., which are all concrete manifestations of the formulation, implementation, and maintenance of information security policy models. Through a questionnaire survey, the correlation between various assumptions, as well as the relationship between organizational information security characteristics, information security policies, and the effectiveness of information security, are verified one by one during the implementation of information security policies. Finally, conclusions and implications are put forward.


2021 ◽  
Vol 27 (4) ◽  
pp. 55-72
Author(s):  
T. Beydina ◽  
A. Kukharsky

The article is relevant, as it provides an assessment of the information security of universities. Ensuring the security of corporate information, which is increasingly stored, processed and disseminated using information and communication technologies (ICT), is a particularly important problem for knowledge-intensive organizations such as universities; the effective conduct of their main educational activities and research activities increasingly depends on the availability, integrity and accuracy of computer information resources. One of the more important mechanisms to reduce the number of security breaches, and thus corporate information, is the development and implementation of a formal information security policy (ISP). Although much has now been written about the importance and role of information security policies and approaches to formulating them, there is relatively little empirical material that is incorporated into the structure or content of security policies. The purpose of the article is to fill this gap in the literature through this method of using the structure and methods of authentic information security policies. Having established the parameters and key features of university policies, the article critically examines the concept of information security embedded in the policy. Two important conclusions can be drawn from this study: 1) the wide variety of disparate policies and standards used, whether there will be a consistent approach to security management; and 2) the range of specific issues explicitly covered by university policy, a surprisingly low and highly technocentric view of information security management. This article is one of the first to objectively, rigorously and independently assess the content of authentic information security policies and information security documentation frameworks in a well-organized organizational environment.
The article notes that there are four different levels of information policy: “system security policy, product security policy, community security policy, and corporate information security policy.” All policies involve: personal use of information systems, information disclosure, physical security, breaches and hacks, viruses, system access control, mobile computing, internet access, software development, encryption and contingency planning.


2021 ◽  
Vol 6 (1) ◽  
Author(s):  
Albano Gilabert Gascón

In 2017, the majority of the United Kingdom Supreme Court held in its judgment in the Gard Marine and Energy v China National Chartering (The Ocean Victory) case that, in bareboat charters under the ‘BARECON 89’ form, if both the owner and the charterer are jointly insured under a hull policy, the damages caused to the vessel by the charterer cannot be claimed by the insurer by way of subrogation after indemnifying the owner. The interpretation of the charter party leads to the conclusion that the liability between the parties is excluded. Faced with the Supreme Court’s decision, the Baltic and International Maritime Council (BIMCO) adopted a new standard bareboat charter agreement only a few months later, the ‘BARECON 2017’ form, which amends, among other clauses, the one related to insurance. The present paper analyses (i) the new wording of the clause mentioned above and (ii) its incidence on the relationship between the parties of both the charter agreement and the insurance contract and its consequences for possible third parties. Despite BIMCO’s attempt to change the solution adopted by the Supreme Court and its willingness to allow the insurer to claim in subrogation against the person who causes the loss, the consequences, as it will be seen, do not differ much in practice when the wrongdoer is the co-insured charterer. On the contrary, when the loss is caused by a time charter or a sub-charter, in principle, there will be no impediment for the insurer to sue him.


2021 ◽  
pp. 135910452110138
Author(s):  
Jacinta Tan ◽  
Gemma Johns

Background: Diabetes and eating disorders are frequently comorbid. This particular comorbidity is not only often poorly recognised, but is difficult to treat and has a high mortality. Method: In this article, we will briefly review the relationship between diabetes and eating disorders. We will review the current NICE and other guidance and reports concerning both diabetes and eating disorders in the United Kingdom. We will then describe the recommendations of the 2018 Welsh Government Eating Disorder Service Review and the 2021 the Scottish Government Eating Disorder Service Review regarding diabetes and eating disorders, which will lead to service change. Conclusions: We conclude that this is a relatively underdeveloped but important area where there needs to be further service development and more collaboration between diabetes and eating disorder services.


1995 ◽  
Vol 29 (4) ◽  
pp. 551-564
Author(s):  
Dawn Oliver

First, I want to express my gratitude and sense of honour in being invited to deliver the Lionel Cohen lecture for 1995. The relationship between the Israeli and the British legal systems is a close and mutually beneficial one, and we in Britain in particular owe large debts to the legal community in Israel. This is especially the case in my field, public law, where distinguished academics have enriched our academic literature, notably Justice Zamir, whose work on the declaratory judgment has been so influential. Israeli courts, too, have made major contributions to the development of the common law generally and judicial review very notably. In this lecture I want to discuss the process of constitutional reform in the United Kingdom, and to explore some of the difficulties that lie in the way of reform. Some quite radical reforms to our system of government — the introduction of executive agencies in the British civil service, for instance—have been introduced without resort to legislation. There has been a spate of reform to local government and the National Health Service.

