oru.sePublications
Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 78) Show all publications
Mäki-Runsas, T. E., Wistrand, K. & Karlsson, F. (2018). Cargo Cults in Information Systems Development: a Definition andan Analytical Framework. In: 27th International Conference on Information Systems Development (ISD2018): . Paper presented at 27th International Conference on Information Systems Development (ISD2018), Lund, Sweden, August 22-24, 2018.
Open this publication in new window or tab >>Cargo Cults in Information Systems Development: a Definition andan Analytical Framework
2018 (English)In: 27th International Conference on Information Systems Development (ISD2018), 2018Conference paper, Published paper (Refereed)
Abstract [en]

Organizations today adopt agile information systems development methods (ISDM), but many do not succeed with the adoption process and in achieving desired results. Systems developers sometimes fail in efficient use of ISDM, often due to a lack of understanding the fundamental intentions of the chosen method. In many cases organizations simply imitate the behavior of others without really understanding why. This conceptual paper defines this phenomenon as an ISDM cargo cult behavior and proposes an analytical framework to identify such situations. The concept of cargo cults originally comes from the field of social anthropology and has been usedto explain irrational, ritualistic imitation of certain behavior. By defining and introducing the concept in the field of information systems development we provide a diagnostic tool to better understand one of the reasons why ISDM adoption sometimes fail.

Keywords
Agile development, Cargo cult, Method Rationale, Self-Determination theory, Social-action theory, Information systems development, Information systems development methods, Software development, Software development method
National Category
Information Systems, Social aspects
Research subject
Informatics
Identifiers
urn:nbn:se:oru:diva-68610 (URN)
Conference
27th International Conference on Information Systems Development (ISD2018), Lund, Sweden, August 22-24, 2018
Available from: 2018-08-28 Created: 2018-08-28 Last updated: 2018-08-28Bibliographically approved
Karlsson, F., Kolkowska, E. & Törner, M. (2018). Guest editorial: Value Conflicts and Information Security Management. Information and Computer Security, 26(2), 146-149
Open this publication in new window or tab >>Guest editorial: Value Conflicts and Information Security Management
2018 (English)In: Information and Computer Security, ISSN 2056-4961, Vol. 26, no 2, p. 146-149Article in journal, Editorial material (Other academic) Published
Place, publisher, year, edition, pages
Emerald Group Publishing Limited, 2018
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-68485 (URN)10.1108/ICS-02-2018-0019 (DOI)000439563900001 ()2-s2.0-85049900460 (Scopus ID)
Available from: 2018-08-15 Created: 2018-08-15 Last updated: 2018-09-12Bibliographically approved
Hellberg, A.-S., Islam, S. & Karlsson, F. (2018). Säkerhet vid molnlösningar. Karlstad: Myndigheten för samhällsskydd och beredskap
Open this publication in new window or tab >>Säkerhet vid molnlösningar
2018 (Swedish)Report (Other academic)
Place, publisher, year, edition, pages
Karlstad: Myndigheten för samhällsskydd och beredskap, 2018. p. 81
National Category
Information Systems, Social aspects
Research subject
Informatics
Identifiers
urn:nbn:se:oru:diva-68609 (URN)978-91-7383-819-1 (ISBN)
Funder
Swedish Civil Contingencies Agency
Available from: 2018-08-28 Created: 2018-08-28 Last updated: 2018-08-29Bibliographically approved
Hallberg, J., Johansson, P., Karlsson, F., Lundberg, F., Lundgren, B. & Törner, M. (Eds.). (2017). Informationssäkerhet och organisationskultur. Lund: Studentlitteratur AB
Open this publication in new window or tab >>Informationssäkerhet och organisationskultur
Show others...
2017 (Swedish)Collection (editor) (Other (popular science, discussion, etc.))
Place, publisher, year, edition, pages
Lund: Studentlitteratur AB, 2017
Keywords
Informationssäkerhet
National Category
Information Systems, Social aspects
Research subject
Informatics
Identifiers
urn:nbn:se:oru:diva-62755 (URN)9789144121406 (ISBN)
Available from: 2017-11-22 Created: 2017-11-22 Last updated: 2017-11-22Bibliographically approved
Karlsson, F., Frostenson, M., Prenkert, F., Kolkowska, E. & Helin, S. (2017). Inter-organisational information sharing in the public sector: A longitudinal case study on the reshaping of success factors. Government Information Quarterly, 34(4), 567-577
Open this publication in new window or tab >>Inter-organisational information sharing in the public sector: A longitudinal case study on the reshaping of success factors
Show others...
2017 (English)In: Government Information Quarterly, ISSN 0740-624X, E-ISSN 1872-9517, Vol. 34, no 4, p. 567-577Article in journal (Refereed) Published
Abstract [en]

Today, public organisations need to share information in order to complete their tasks. Over the years, scholars have mapped out the social and organisational factors that affect the success or failure of these kinds of endeavours. However, few of the suggested models have sought to address the temporal aspect of inter-organisational information sharing. The aim of this paper is to investigate the reshaping of social and organisational factors of inter-organisational information sharing in the public sector over time. We analysed four years' worth of information sharing in an inter-organisational reference group on copper corrosion in the context of nuclear waste management. We could trace how factors in the model proposed by Yang and Maxwell (2011) were reshaped over time. Two factors in the model – concerns of information misuse and trust – are frequently assessed by organisations and are the most likely to change. In the long run we also found that legislation and policies can change.

Place, publisher, year, edition, pages
Elsevier, 2017
Keywords
Information sharing, Inter-organisational, Social factors, Organisational factors
National Category
Information Systems, Social aspects
Research subject
Informatics; Business Studies
Identifiers
urn:nbn:se:oru:diva-62307 (URN)10.1016/j.giq.2017.10.007 (DOI)000418209700001 ()2-s2.0-85032881966 (Scopus ID)
Funder
Swedish Civil Contingencies Agency
Available from: 2017-11-11 Created: 2017-11-11 Last updated: 2018-01-03Bibliographically approved
Andersson, A., Karlsson, F. & Hedström, K. (2017). Konfliktfylld kultur vid framtagande av informationssäkerhetsstandarder. In: Jonas Hallberg, Peter Johansson, Fredrik Karlsson, Frida Lundberg, Björn Lundgren, Marianne Törner (Ed.), Informationssäkerhet och organisationskultur: . Lund: Studentlitteratur AB
Open this publication in new window or tab >>Konfliktfylld kultur vid framtagande av informationssäkerhetsstandarder
2017 (Swedish)In: Informationssäkerhet och organisationskultur / [ed] Jonas Hallberg, Peter Johansson, Fredrik Karlsson, Frida Lundberg, Björn Lundgren, Marianne Törner, Lund: Studentlitteratur AB, 2017Chapter in book (Other (popular science, discussion, etc.))
Place, publisher, year, edition, pages
Lund: Studentlitteratur AB, 2017
National Category
Information Systems, Social aspects
Identifiers
urn:nbn:se:oru:diva-62753 (URN)9789144121406 (ISBN)
Funder
Swedish Civil Contingencies Agency
Available from: 2017-11-22 Created: 2017-11-22 Last updated: 2017-11-22Bibliographically approved
Karlsson, F., Karlsson, M. & Åström, J. (2017). Measuring employees’ compliance: The importance of value pluralism. Information and Computer Security, 25(3), 279-299
Open this publication in new window or tab >>Measuring employees’ compliance: The importance of value pluralism
2017 (English)In: Information and Computer Security, ISSN 1434-5250, E-ISSN 2220-3796, Vol. 25, no 3, p. 279-299Article in journal (Refereed) Published
Abstract [en]

Purpose: This paper aims to investigate two different types of compliance measures: the first measure is a value-monistic compliance measure, whereas the second is a value-pluralistic measure, which introduces the idea of competing organisational imperatives.

Design/methodology/approach: A survey was developed using two sets of items to measure compliance. The survey was sent to 600 white-collar workers and analysed through ordinary least squares.

Findings: The results suggest that when using the value-monistic measure, employees' compliance was a function of employees' intentions to comply, their self-efficacy and awareness of information security policies. In addition, compliance was not related to the occurrence of conflicts between information security and other organisational imperatives. However, when the dependent variable was changed to a value-pluralistic measure, the results suggest that employees' compliance was, to a great extent, a function of the occurrence of conflicts between information security and other organisational imperatives, indirect conflicts with other organisational values.

Research limitations/implications: The results are based on small survey; yet, the findings are interesting and justify further investigation. The results suggest that relevant organisational imperatives and value systems, along with information security values, should be included in measures for employees' compliance with information security policies.

Practical implications: Practitioners and researchers should be aware that there is a difference in measuring employees' compliance using value monistic and value pluralism measurements.

Originality/value: Few studies exist that critically compare the two different compliance measures for the same population.

Place, publisher, year, edition, pages
Emerald Group Publishing Limited, 2017
Keywords
Employees' compliance, Field surveys, Information security policy compliance, Value pluralism
National Category
Information Systems Political Science
Research subject
Informatics
Identifiers
urn:nbn:se:oru:diva-56342 (URN)10.1108/ICS-11-2016-0084 (DOI)000406886300004 ()2-s2.0-85026881516 (Scopus ID)
Projects
Attitude
Funder
Swedish Civil Contingencies Agency
Available from: 2017-03-15 Created: 2017-03-15 Last updated: 2018-01-13Bibliographically approved
Karlsson, M., Karlsson, F. & Åström, J. (2017). Organisationskulturens påverkan på informations­säkerhetsarbetet (1ed.). In: Jonas Hallberg, Peter Johansson, Fredrik Karlsson, Frida Lundberg, Björn Lundgren och Marianne Törner (Ed.), Informationssäkerhet och organisationskultur: (pp. 25-40). Lund: Studentlitteratur AB
Open this publication in new window or tab >>Organisationskulturens påverkan på informations­säkerhetsarbetet
2017 (Swedish)In: Informationssäkerhet och organisationskultur / [ed] Jonas Hallberg, Peter Johansson, Fredrik Karlsson, Frida Lundberg, Björn Lundgren och Marianne Törner, Lund: Studentlitteratur AB, 2017, 1, p. 25-40Chapter in book (Other academic)
Abstract [sv]

Organisationskulturen sägs ofta vara en central del i att styra en modern organisation. I detta kapitel resonerar vi kring sambandet mellan den kultur som enligt svenska tjänstemän finns i deras organisationer och informationssäkerheten i dessa organisationer. Denna kunskap är viktig dels för att kunna använda förändring av organisationskulturen som ett sätt att åstadkomma ökad informationssäkerhet, dels för att kunna förutse konsekvenserna av att allt fler organisationer idag förändras i riktning mot vad som enligt vår studie skapar sämre förutsättningar för informationssäkerhet. 

Place, publisher, year, edition, pages
Lund: Studentlitteratur AB, 2017 Edition: 1
Keywords
informationssäkerhet, organisationskultur, tjänstemän
National Category
Public Administration Studies
Research subject
Informatics; Political Science
Identifiers
urn:nbn:se:oru:diva-61547 (URN)9789144121406 (ISBN)
Projects
Attitude (MSB)
Funder
Swedish Civil Contingencies Agency
Available from: 2017-10-16 Created: 2017-10-16 Last updated: 2018-03-19Bibliographically approved
Karlsson, F., Hedström, K. & Goldkuhl, G. (2017). Practice-based discourse analysis of information security policies. Computers & security (Print), 67, 267-279
Open this publication in new window or tab >>Practice-based discourse analysis of information security policies
2017 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 67, p. 267-279Article in journal (Refereed) Published
Abstract [en]

To address the “insider” threat to information and information systems, an information security policy is frequently recommended as an organisational measure. However, having a policy in place does not necessarily guarantee information security. Employees’ poor compliance with information security policies is a perennial problem for many organisations. It has been shown that approximately half of all security breaches caused by insiders are accidental, which means that one can question the usefulness of current information security policies. We therefore propose eight tentative quality criteria in order to support the formulation of information security policies that are practical from the employees’ perspective. These criteria have been developed using practice-based discourse analysis on three information security policy documents from a health care organisation.

Place, publisher, year, edition, pages
Elsevier, 2017
Keywords
Information security policy, discourse analysis, communicative analysis, quality criteria, policy design
National Category
Information Systems, Social aspects
Research subject
Informatics
Identifiers
urn:nbn:se:oru:diva-54720 (URN)10.1016/j.cose.2016.12.012 (DOI)000401213200018 ()2-s2.0-85017641481 (Scopus ID)
Projects
SECURIT - Congruence
Funder
Swedish Civil Contingencies Agency, 2011-388
Available from: 2017-01-16 Created: 2017-01-16 Last updated: 2017-10-18Bibliographically approved
Frostenson, M., Hedström, K., Helin, S., Karlsson, F., Kolkowska, E. & Prenkert, F. (2017). Samverkan mellan aktörer i industriella nätverk skapar nya utmaningar för informationssäkerheten (1ed.). In: J. Hallberg, P. Johansson, F. Karlsson, F. Lundberg, B. Lundgren, M. Törner (Ed.), Informationssäkerhet och organisationskultur : (pp. 61-75). Lund
Open this publication in new window or tab >>Samverkan mellan aktörer i industriella nätverk skapar nya utmaningar för informationssäkerheten
Show others...
2017 (Swedish)In: Informationssäkerhet och organisationskultur / [ed] J. Hallberg, P. Johansson, F. Karlsson, F. Lundberg, B. Lundgren, M. Törner, Lund, 2017, 1, p. 61-75Chapter in book (Refereed)
Place, publisher, year, edition, pages
Lund: , 2017 Edition: 1
National Category
Information Systems, Social aspects
Research subject
Informatics
Identifiers
urn:nbn:se:oru:diva-59445 (URN)978-91-44-12140-6 (ISBN)
Funder
Swedish Civil Contingencies Agency
Available from: 2017-09-01 Created: 2017-09-01 Last updated: 2017-11-08Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0002-3265-7627

Search in DiVA

Show all publications