Abstract

The ISO/IEC 17799 standard (2005) is commonly viewed as a necessary element in information security management. However, there is no empirical evidence of the usefulness of the standard in practice. To study this issue, this study analyses the implementation experiences of four organisations that have implemented the ISO/IEC 17799 (2005) standard. Through semi-structured interviews, the results of the study suggest that the standard served the needs of the small and medium-sized enterprises well and its intended usage correlates quite well with small and medium-sized organisations’ practice.

Recommended Citation

Wiander, Timo, "ISO/IEC 17799 Standard’s Intended Usage and Actual Use by the Practitioners" (2007). ACIS 2007 Proceedings. 74.
https://aisel.aisnet.org/acis2007/74

Download

COinS

ACIS 2007 Proceedings

ISO/IEC 17799 Standard’s Intended Usage and Actual Use by the Practitioners

Abstract

Recommended Citation

Search

Links

Browse

Author Corner

ACIS 2007 Proceedings

ISO/IEC 17799 Standard’s Intended Usage and Actual Use by the Practitioners

Authors

Abstract

Recommended Citation

Share

Search

Links

Browse

Author Corner