Addressing SME Characteristics for Designing Information Security Maturity Models - Human Aspects of Information Security and Assurance Access content directly
Conference Papers Year : 2020

Addressing SME Characteristics for Designing Information Security Maturity Models

Abstract

This paper identifies the effects of small and medium-sized enterprises’ (SME) characteristics on the general design principles for maturity models in the information security domain. The purpose is to guide the research on information security maturity modelling for SMEs that will fit in form and function for their capability assessment and development purposes, and promote organizational learning and development. This study reviews the established frameworks of general design principles for maturity models and projects the design requirements of our envisioned information security maturity model for SMEs. Maturity models have different purposes of uses (descriptive, prescriptive and comparative) and design principles with respect to these purposes of uses. The mapping of SME characteristics and design principles facilitates the development of an information security maturity model that systematically integrates the desired qualities and components addressing SME characteristics and requirements.
Fichier principal
Vignette du fichier
497442_1_En_13_Chapter.pdf (123.45 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-03657728 , version 1 (03-05-2022)

Licence

Attribution

Identifiers

Cite

Bilge Yigit Ozkan, Marco Spruit. Addressing SME Characteristics for Designing Information Security Maturity Models. 14th International Symposium on Human Aspects of Information Security and Assurance (HAISA), Jul 2020, Mytilene, Lesbos, Greece. pp.161-174, ⟨10.1007/978-3-030-57404-8_13⟩. ⟨hal-03657728⟩
31 View
34 Download

Altmetric

Share

Gmail Facebook X LinkedIn More