Title: An investigation on compliance with ISO 27001 in Cypriot private and public organisations

Authors: Ioanna Dionysiou

Addresses: Department of Computer Science, School of Sciences, University of Nicosia, 46 Makedonitissas Avenue, P.O. Box 24005, 1700 Nicosia, Cyprus

Abstract: This paper presents the results of an investigation on current security practices in Cypriot organisations, including enterprises and public sector divisions. To gain knowledge on the deployed security technologies by organisations, a survey was conducted and concluded in late 2010. The survey primarily examined compliance of current security policies and procedures with ISO 27001 security recommendations. A research analysis has been performed and identified that security mechanisms and the management of IT resources may be improved on a number of aspects. Based on the research findings, an assessment of the viability of ISO 27001 in Cyprus is given.

Keywords: ISO 27001; services; security practices; Cyprus; security technology; information security management systems; ISMS; security standards; information technology; information management.

DOI: 10.1504/IJSS.2011.045049

International Journal of Services and Standards, 2011 Vol.7 No.3/4, pp.197 - 234

Published online: 20 Jan 2012 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article