%0 Journal Article %1 jr2016information %A Jr., Noli B. Lucila %D 2016 %J IJIRIS::International Journal of Innovative Research in Information Security %K development information literature policy security %N 4 %P 01-06 %T Information Security Policy Development: A Literature Review %U http://www.ijiris.com/volumes/Vol3/iss4/01.APIS10082.pdf %V 3 %X Information security policy is one of the most important security controls, and considered as the foundation of any security regime in an organization. In fact, failure to formulate an information security policy is said to be one of the deadly sins in information security management. It is also evident that many organizations face difficulty constructing this document, its content and structure in particular. In this vein, a number of developed policy frameworks or models in the formulation of information security policy have been proposed and published in academic journals. The purpose of this study, therefore, was to review the actual state of the literature for the last 15 years (2001-2015) focusing on information security policy frameworks and models. This paper has found that there is still limited number of frameworks and models available, supported by empirical surveys. Since the development and implementation of an information security policy involves social, political, economic and technological factors, this paper, therefore, suggests further research towards an integrated theory-based security policy frameworks and models using social and organizational theories. In addition, existing models or frameworks from other fields such as management, engineering, social sciences may also be considered

@article{jr2016information, abstract = {Information security policy is one of the most important security controls, and considered as the foundation of any security regime in an organization. In fact, failure to formulate an information security policy is said to be one of the deadly sins in information security management. It is also evident that many organizations face difficulty constructing this document, its content and structure in particular. In this vein, a number of developed policy frameworks or models in the formulation of information security policy have been proposed and published in academic journals. The purpose of this study, therefore, was to review the actual state of the literature for the last 15 years (2001-2015) focusing on information security policy frameworks and models. This paper has found that there is still limited number of frameworks and models available, supported by empirical surveys. Since the development and implementation of an information security policy involves social, political, economic and technological factors, this paper, therefore, suggests further research towards an integrated theory-based security policy frameworks and models using social and organizational theories. In addition, existing models or frameworks from other fields such as management, engineering, social sciences may also be considered}, added-at = {2016-07-13T17:08:34.000+0200}, author = {Jr., Noli B. Lucila}, biburl = {https://www.bibsonomy.org/bibtex/2dfa8985ec932062057d26bb2fdcfdfae/ijiris}, description = {International Journal of Innovative Research in Information Security is an International peer-reviewed research publishing journal with a laser-beam focal aim of promoting and publishing original high quality research dealing with theoretical and scientific aspects in all disciplines of Information Technology. It is a monthly published online international scientific research journal focusing on issues in information technology research.}, interhash = {ae759ae8f375f5db784398168d759199}, intrahash = {dfa8985ec932062057d26bb2fdcfdfae}, journal = {IJIRIS::International Journal of Innovative Research in Information Security}, keywords = {development information literature policy security}, month = {April}, number = 4, pages = {01-06}, timestamp = {2016-07-13T17:08:34.000+0200}, title = {Information Security Policy Development: A Literature Review}, url = {http://www.ijiris.com/volumes/Vol3/iss4/01.APIS10082.pdf}, volume = 3, year = 2016 }