Abstract: The literature indicates two major gaps in the study of information security in the companies: 1st the need to analyze it with multidisciplinary approaches, linking technological and business variables that managers can understand; 2nd study this issue into SMEs, because despite its importance in the economy are falling behind on the information security. This paper analyzes the information security policy as a process that links technological and business variables. From this point, research is conducted in 78 industrial SMEs to analyze: first, its degree of knowledge and application of information security policy and the issues that affect its development and second, the contribution of the information security policies to the value generation, finding positive evidence in this regard.

Autoría

Descargar referencia