This paper presents the results of an empirical investigation concerning the approachesadopted by Italian companies in dealing with information security issues. Such results arecompared to an ideal, integrated information system planning approach where informationneeds and security issues are jointly taken into account. Data analysis shows thatrespondents ascribe to information security a rather high relevance for their business, and thereis a formal conformity of business practices with the steps included in the proposed model,especially as far as high level, conceptual activities are concerned. Despite that, in thecompanies which have been examined, security systems appear to be still inadequate,especially as far as organizational issues are concerned.
Looking for security-oriented information systems: risk perception and management in italian companies
VOLPENTESTA, Antonio Palmiro;PALMIERI, Roberto
2006-01-01
Abstract
This paper presents the results of an empirical investigation concerning the approachesadopted by Italian companies in dealing with information security issues. Such results arecompared to an ideal, integrated information system planning approach where informationneeds and security issues are jointly taken into account. Data analysis shows thatrespondents ascribe to information security a rather high relevance for their business, and thereis a formal conformity of business practices with the steps included in the proposed model,especially as far as high level, conceptual activities are concerned. Despite that, in thecompanies which have been examined, security systems appear to be still inadequate,especially as far as organizational issues are concerned.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
