IRIS

The purpose of this paper is to explore the operational impact of the adoption of the most renowned norm in the field of information security: ISO/IEC 27001. We develop six research hypotheses; three of them related to firm’s operating performance and three which shed light on the moderating role of some contextual factors. The results indicate that the ISO/IEC 27001 certification improves the profitability and the labor productivity of the adopting firms while no effect is recorded on sales performance. The impact appears affected by the munificence of the industry and the level of internationalization of the firm.

Performance implications of ISO/IEC 27001 certification.

Matteo Podrecca
Primo
;Giovanna Culot
Secondo
;Guido Nassimbeni
Penultimo
;Marco Sartor
Ultimo
2021-01-01

Abstract

The purpose of this paper is to explore the operational impact of the adoption of the most renowned norm in the field of information security: ISO/IEC 27001. We develop six research hypotheses; three of them related to firm’s operating performance and three which shed light on the moderating role of some contextual factors. The results indicate that the ISO/IEC 27001 certification improves the profitability and the labor productivity of the adopting firms while no effect is recorded on sales performance. The impact appears affected by the munificence of the industry and the level of internationalization of the firm.
2021
4.1 Contributo in Atti di convegno
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11390/1235104
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact