The purpose of this paper is to explore the operational impact of the adoption of the most renowned norm in the field of information security: ISO/IEC 27001. We develop six research hypotheses; three of them related to firm’s operating performance and three which shed light on the moderating role of some contextual factors. The results indicate that the ISO/IEC 27001 certification improves the profitability and the labor productivity of the adopting firms while no effect is recorded on sales performance. The impact appears affected by the munificence of the industry and the level of internationalization of the firm.
Performance implications of ISO/IEC 27001 certification.
Matteo Podrecca
Primo
;Giovanna CulotSecondo
;Guido NassimbeniPenultimo
;Marco SartorUltimo
2021-01-01
Abstract
The purpose of this paper is to explore the operational impact of the adoption of the most renowned norm in the field of information security: ISO/IEC 27001. We develop six research hypotheses; three of them related to firm’s operating performance and three which shed light on the moderating role of some contextual factors. The results indicate that the ISO/IEC 27001 certification improves the profitability and the labor productivity of the adopting firms while no effect is recorded on sales performance. The impact appears affected by the munificence of the industry and the level of internationalization of the firm.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
