Business Impacts of International Standards for Information Security Management. Lessons from Case Companies

  • M. van Wessel R
  • De Vries H
N/ACitations
Citations of this article
22Readers
Mendeley users who have this article in their library.

Abstract

This paper describes the business impact of two international standards for information security management: ISO/IEC 27001 and ISO/IEC 27002. Six company cases show that companies had different reasons for wanting to implement these standards, but that they achieved most of their objectives. Benefits include improved service quality, higher customer satisfaction, and in some cases, new business opportunities. A number of common success factors ensure the objectives can be achieved, and financial and non-financial benefits can indeed be obtained. The lessons learnt from these cases can help other companies to also reap such benefits.

Cite

CITATION STYLE

APA

M. van Wessel, R., & De Vries, H. J. (2013). Business Impacts of International Standards for Information Security Management. Lessons from Case Companies. Journal of ICT Standardization, 25–40. https://doi.org/10.13052/jicts2245-800x.122

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free