{"id":"https://openalex.org/W1967972019","doi":"https://doi.org/10.4018/irmj.2005100102","title":"Do Information Security Policies Reduce the Incidence of Security Breaches","display_name":"Do Information Security Policies Reduce the Incidence of Security Breaches","publication_year":2005,"publication_date":"2005-10-01","ids":{"openalex":"https://openalex.org/W1967972019","doi":"https://doi.org/10.4018/irmj.2005100102","mag":"1967972019"},"language":"en","primary_location":{"id":"doi:10.4018/irmj.2005100102","is_oa":false,"landing_page_url":"https://doi.org/10.4018/irmj.2005100102","pdf_url":null,"source":{"id":"https://openalex.org/S114639657","display_name":"Information Resources Management Journal","issn_l":"1040-1628","issn":["1040-1628","1533-7979"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320424","host_organization_name":"IGI Global","host_organization_lineage":["https://openalex.org/P4310320424"],"host_organization_lineage_names":["IGI Global"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Resources Management Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5017409920","display_name":"Neil F. Doherty","orcid":"https://orcid.org/0000-0002-2757-9118"},"institutions":[{"id":"https://openalex.org/I143804889","display_name":"Loughborough University","ror":"https://ror.org/04vg4w365","country_code":"GB","type":"education","lineage":["https://openalex.org/I143804889"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Neil F. Doherty","raw_affiliation_strings":["Loughborough University, UK","Loughborough University, (UK)"],"affiliations":[{"raw_affiliation_string":"Loughborough University, UK","institution_ids":["https://openalex.org/I143804889"]},{"raw_affiliation_string":"Loughborough University, (UK)","institution_ids":["https://openalex.org/I143804889"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113848134","display_name":"Heather Fulford","orcid":null},"institutions":[{"id":"https://openalex.org/I143804889","display_name":"Loughborough University","ror":"https://ror.org/04vg4w365","country_code":"GB","type":"education","lineage":["https://openalex.org/I143804889"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Heather Fulford","raw_affiliation_strings":["Loughborough University, UK","Loughborough University, (UK)"],"affiliations":[{"raw_affiliation_string":"Loughborough University, UK","institution_ids":["https://openalex.org/I143804889"]},{"raw_affiliation_string":"Loughborough University, (UK)","institution_ids":["https://openalex.org/I143804889"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5017409920"],"corresponding_institution_ids":["https://openalex.org/I143804889"],"apc_list":null,"apc_paid":null,"fwci":6.442,"has_fulltext":false,"cited_by_count":93,"citation_normalized_percentile":{"value":0.96000398,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":100},"biblio":{"volume":"18","issue":"4","first_page":"21","last_page":"39"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9939000010490417,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.7714052200317383},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.7501910328865051},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.7120204567909241},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.7043150663375854},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.6520936489105225},{"id":"https://openalex.org/keywords/information-security-audit","display_name":"Information security audit","score":0.6359727382659912},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.6127352118492126},{"id":"https://openalex.org/keywords/certified-information-security-manager","display_name":"Certified Information Security Manager","score":0.5711705684661865},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5357389450073242},{"id":"https://openalex.org/keywords/information-systems-security","display_name":"Information systems security","score":0.5289086103439331},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.5186271071434021},{"id":"https://openalex.org/keywords/standard-of-good-practice","display_name":"Standard of Good Practice","score":0.4657130539417267},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.45917442440986633},{"id":"https://openalex.org/keywords/corporate-security","display_name":"Corporate security","score":0.4582492709159851},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.4571506977081299},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.43791598081588745},{"id":"https://openalex.org/keywords/information-system","display_name":"Information system","score":0.3501555323600769},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3196907043457031},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.30486688017845154},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.22321796417236328},{"id":"https://openalex.org/keywords/management-information-systems","display_name":"Management information systems","score":0.20054632425308228},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.1949891746044159},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.19137299060821533},{"id":"https://openalex.org/keywords/corporate-governance","display_name":"Corporate governance","score":0.11797240376472473},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11221912503242493},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.09048205614089966}],"concepts":[{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.7714052200317383},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.7501910328865051},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.7120204567909241},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.7043150663375854},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.6520936489105225},{"id":"https://openalex.org/C39358052","wikidata":"https://www.wikidata.org/wiki/Q2578632","display_name":"Information security audit","level":5,"score":0.6359727382659912},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.6127352118492126},{"id":"https://openalex.org/C180823521","wikidata":"https://www.wikidata.org/wiki/Q1662502","display_name":"Certified Information Security Manager","level":5,"score":0.5711705684661865},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5357389450073242},{"id":"https://openalex.org/C2988319471","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information systems security","level":4,"score":0.5289086103439331},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.5186271071434021},{"id":"https://openalex.org/C47309137","wikidata":"https://www.wikidata.org/wiki/Q7598357","display_name":"Standard of Good Practice","level":5,"score":0.4657130539417267},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.45917442440986633},{"id":"https://openalex.org/C179681481","wikidata":"https://www.wikidata.org/wiki/Q5172490","display_name":"Corporate security","level":3,"score":0.4582492709159851},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.4571506977081299},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.43791598081588745},{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.3501555323600769},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3196907043457031},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.30486688017845154},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.22321796417236328},{"id":"https://openalex.org/C29848774","wikidata":"https://www.wikidata.org/wiki/Q61905","display_name":"Management information systems","level":3,"score":0.20054632425308228},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.1949891746044159},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.19137299060821533},{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.11797240376472473},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11221912503242493},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.09048205614089966},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.4018/irmj.2005100102","is_oa":false,"landing_page_url":"https://doi.org/10.4018/irmj.2005100102","pdf_url":null,"source":{"id":"https://openalex.org/S114639657","display_name":"Information Resources Management Journal","issn_l":"1040-1628","issn":["1040-1628","1533-7979"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320424","host_organization_name":"IGI Global","host_organization_lineage":["https://openalex.org/P4310320424"],"host_organization_lineage_names":["IGI Global"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Resources Management Journal","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:igg:rmj000:v:18:y:2005:i:4:p:21-39","is_oa":false,"landing_page_url":"https://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/irmj.2005100102","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.8100000023841858,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320320341","display_name":"Loughborough University","ror":"https://ror.org/04vg4w365"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W74934075","https://openalex.org/W613029453","https://openalex.org/W621947121","https://openalex.org/W653086118","https://openalex.org/W1495834394","https://openalex.org/W1603962791","https://openalex.org/W1972053463","https://openalex.org/W1977534227","https://openalex.org/W1991343803","https://openalex.org/W2001566875","https://openalex.org/W2009848950","https://openalex.org/W2018501661","https://openalex.org/W2023641092","https://openalex.org/W2030397662","https://openalex.org/W2032876373","https://openalex.org/W2034467019","https://openalex.org/W2039615995","https://openalex.org/W2049188895","https://openalex.org/W2052165706","https://openalex.org/W2064583296","https://openalex.org/W2071674092","https://openalex.org/W2075986741","https://openalex.org/W2076127550","https://openalex.org/W2084703921","https://openalex.org/W2091494072","https://openalex.org/W2104035395","https://openalex.org/W2118686998","https://openalex.org/W2119587968","https://openalex.org/W2148053293","https://openalex.org/W2168126859","https://openalex.org/W2169801772","https://openalex.org/W2757176113","https://openalex.org/W3023431289"],"related_works":["https://openalex.org/W2584162156","https://openalex.org/W2049188895","https://openalex.org/W2483557577","https://openalex.org/W1567258312","https://openalex.org/W2741061559","https://openalex.org/W2126017555","https://openalex.org/W4244250244","https://openalex.org/W3005750480","https://openalex.org/W2066297175","https://openalex.org/W3127569544"],"abstract_inverted_index":{"Information":[0],"is":[1,61],"a":[2,115],"critical":[3],"corporate":[4],"asset":[5],"that":[6,36,90],"has":[7,67],"become":[8],"increasingly":[9],"vulnerable":[10],"to":[11,24,34,64,92],"attacks":[12],"from":[13],"viruses,":[14],"hackers,":[15],"criminals,":[16],"and":[17,44,99,105,120,155,175],"human":[18],"error.":[19],"Consequently,":[20],"organizations":[21,128],"are":[22,138],"having":[23],"prioritize":[25],"the":[26,47,50,57,94,97,106,130,149,156,168,179],"security":[27,52,58,103,110,153,161,183],"of":[28,49,59,72,101,109,151,160,171,181],"their":[29,37,41],"computer":[30],"systems":[31],"in":[32,55,77,129,135],"order":[33],"ensure":[35],"information":[38,51,60,102,152,182],"assets":[39],"retain":[40],"accuracy,":[42],"confidentiality,":[43],"availability.":[45],"While":[46],"importance":[48],"policy":[53],"(InSPy)":[54],"ensuring":[56],"acknowledged":[62],"widely,":[63],"date":[65],"there":[66],"been":[68],"little":[69],"empirical":[70],"analysis":[71],"its":[73,176],"impact":[74],"or":[75,158],"effectiveness":[76],"this":[78,83,113,136,172],"role.":[79],"To":[80,112],"help":[81],"fill":[82],"gap,":[84],"an":[85],"exploratory":[86],"study":[87],"was":[88,117],"initiated":[89],"sought":[91],"investigate":[93],"relationship":[95],"between":[96,148],"uptake":[98],"application":[100],"policies":[104,154],"accompanying":[107],"levels":[108],"breaches.":[111,162],"end,":[114],"questionnaire":[116],"designed,":[118],"validated,":[119],"then":[121],"targeted":[122],"at":[123],"IT":[124],"managers":[125],"within":[126],"large":[127],"UK.":[131],"The":[132,163],"findings":[133],"presented":[134],"paper":[137,164],"somewhat":[139],"surprising,":[140],"as":[141],"they":[142],"show":[143],"no":[144],"statistically":[145],"significant":[146],"relationships":[147],"adoption":[150],"incidence":[157],"severity":[159],"concludes":[165],"by":[166],"exploring":[167],"possible":[169],"interpretations":[170],"unexpected":[173],"finding":[174],"implications":[177],"for":[178],"practice":[180],"management.":[184]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":3},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":9},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":3},{"year":2014,"cited_by_count":16},{"year":2013,"cited_by_count":4},{"year":2012,"cited_by_count":6}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2016-06-24T00:00:00"}