oru.sePublikasjoner
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Practice-based discourse analysis of information security policies
Örebro universitet, Handelshögskolan vid Örebro Universitet. (CERIS)ORCID-id: 0000-0002-3265-7627
Örebro universitet, Handelshögskolan vid Örebro Universitet. (CERIS)ORCID-id: 0000-0003-2304-7170
Information Systems, Linköpings Universitet, Linköping, Sweden.
2017 (engelsk)Inngår i: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 67, s. 267-279Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

To address the “insider” threat to information and information systems, an information security policy is frequently recommended as an organisational measure. However, having a policy in place does not necessarily guarantee information security. Employees’ poor compliance with information security policies is a perennial problem for many organisations. It has been shown that approximately half of all security breaches caused by insiders are accidental, which means that one can question the usefulness of current information security policies. We therefore propose eight tentative quality criteria in order to support the formulation of information security policies that are practical from the employees’ perspective. These criteria have been developed using practice-based discourse analysis on three information security policy documents from a health care organisation.

sted, utgiver, år, opplag, sider
Elsevier, 2017. Vol. 67, s. 267-279
Emneord [en]
Information security policy, discourse analysis, communicative analysis, quality criteria, policy design
HSV kategori
Forskningsprogram
Informatik
Identifikatorer
URN: urn:nbn:se:oru:diva-54720DOI: 10.1016/j.cose.2016.12.012ISI: 000401213200018Scopus ID: 2-s2.0-85017641481OAI: oai:DiVA.org:oru-54720DiVA, id: diva2:1065795
Prosjekter
SECURIT - Congruence
Forskningsfinansiär
Swedish Civil Contingencies Agency, 2011-388Tilgjengelig fra: 2017-01-16 Laget: 2017-01-16 Sist oppdatert: 2017-10-18bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Forlagets fulltekstScopus

Personposter BETA

Karlsson, FredrikHedström, Karin

Søk i DiVA

Av forfatter/redaktør
Karlsson, FredrikHedström, Karin
Av organisasjonen
I samme tidsskrift
Computers & security (Print)

Søk utenfor DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric

doi
urn-nbn
Totalt: 495 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf