2011-09-01
Implementing international standards for Information Security Management in China and Europe: a comparative multi-case study
Publication
Publication
Technology Analysis & Strategic Management , Volume 23 - Issue 8 p. 865- 879
The leading international standards for information security management, ISO/IEC 27001 and ISO/IEC 27002 originate from the UK, but are applied worldwide. This paper explores whether the processes of selection, implementation and use of these interrelated standards differ between China and Europe by studying cases of Chinese and European companies. Chinese companies face some additional problems with the standards but manage to get them successfully implemented in a short period of time. Main differences relate to governance and management of standard adoption. This study is innovative in the method used for standardisation research (comparative multi-case study), and the topic: implementation and impact of information security management standards.
| Additional Metadata | |
|---|---|
| , | |
| doi.org/10.1080/09537325.2011.604155, hdl.handle.net/1765/25840 | |
| ERIM Article Series (EAS) | |
| Technology Analysis & Strategic Management | |
| Organisation | Erasmus Research Institute of Management |
|
van Wessel, R., Yang, X., & de Vries, H. (2011). Implementing international standards for Information Security Management in China and Europe: a comparative multi-case study
. Technology Analysis & Strategic Management, 23(8), 865–879. doi:10.1080/09537325.2011.604155 |
|