Evolution of the Institutionalization of Information Systems Security Policies in Portuguese Public Administration

Public Administration organizations handle increasingly higher amounts of information in digital format. Therefore, more rigorous and comprehensive security controls are indispensable. In literature, security policies assume a paramount role among security measures. However, a 2010 study reveals the existence of a low number of City Councils where information systems security policies are implemented [1]. This paper's contribution is to compare the data from that study with 2016 data by presenting the results of a survey conducted on the Local Public Administration in Portugal. The results are discussed in light of literature and future works are identified with the aim of enabling the adoption of security policies in Public Administration.