Integration of policy aspects into information security issues in South African organisations
Author(s) -
Rabelani Dagada,
Mariki M. Eloff
Publication year - 2013
Publication title -
african journal of business management
Language(s) - English
Resource type - Journals
ISSN - 1993-8233
DOI - 10.5897/ajbm12.979
Subject(s) - information security , competitor analysis , business , information security management , security policy , public relations , key (lock) , certified information security manager , security information and event management , computer security , political science , cloud computing security , network security policy , security service , law , marketing , computer science , cloud computing
Information for individual organisations should always be secured. Organisations need to protect their information from attackers or competitors as these could lead to law suits or loss of business. With the more advanced network technology, information security risks and threats are believed to be on the increase and becoming even more sophisticated. This paper assesses how South African organisations integrate legal and policy aspects when they deal with information security issues. Qualitative research methods were employed to gather and analyse data for the study. Results show that participation by top management in the provision of information security policies is very minimal in organisations. Again, most information security practitioners are not familiar with the legal and policy aspects that they are supposed to integrate in the implementation of information security and thus most organisations in the country are not complying with the law. Key words: Security risks, South African, organisations, Information Security Policies, legal compliance.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom