Australian Information Security Management Conference

Document Type

Conference Proceeding

Publisher

secau Security Research Centre, Edith Cowan University, Perth, Western Australia

Comments

Originally published in the Proceedings of the 9th Australian Information Security Management Conference, Edith Cowan University, Perth Western Australia, 5th -7th December, 2011

Abstract

The Information Security Policy (ISP) of an organisation is expected to specify for employees their behaviour towards security, and the security ethos of the organisation. However, there are a wide range of opinions and expertise that should be considered by organisations when developing an ISP. This paper aims to identify the stakeholders that should be utilised in an ISP development process and how this may differ based on organisational size. The research identifies from literature nine stakeholder roles that are suggested to be required in an ISP development process. Contextual interviews are then used to validate these nine stakeholder roles from a practical perspective.

DOI

10.4225/75/57b546fecd8c6

Share

 
COinS