oru.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Value conflicts for information security management
Örebro University, Swedish Business School at Örebro University. (Informatik)ORCID iD: 0000-0003-2304-7170
Örebro University, Swedish Business School at Örebro University. (Informatik)
Örebro University, Swedish Business School at Örebro University. (Informatik)ORCID iD: 0000-0002-3265-7627
School of Management, University of San Francisco, San Francisco, USA.
2011 (English)In: Journal of strategic information systems, ISSN 0963-8687, E-ISSN 1873-1198, Vol. 20, no 4, p. 373-384Article in journal (Refereed) Published
Abstract [en]

A business’s information is one of its most important assets, making the protection of information a strategic issue. In this paper, we investigate the tension between information security policies and information security practice through longitudinal case studies at two health care facilities. The management of information security is traditionally informed by a control-based compliance model, which assumes that human behavior needs to be controlled and regulated. We propose a different theoretical model: the value-based compliance model, assuming that multiple forms of rationality are employed in organizational actions at one time, causing potential value conflicts. This has strong strategic implications for the management of information security. We believe health care situations can be better managed using the assumptions of a value-based compliance model.

Place, publisher, year, edition, pages
Amsterdam: Elsevier, 2011. Vol. 20, no 4, p. 373-384
Keywords [en]
Information systems security, Information security, Health care information systems, Values, Value conflicts, Management of information security
National Category
Human Aspects of ICT Information Systems
Research subject
Informatics
Identifiers
URN: urn:nbn:se:oru:diva-20513DOI: 10.1016/j.jsis.2011.06.001ISI: 000298458800005OAI: oai:DiVA.org:oru-20513DiVA, id: diva2:462898
Note

Funding Agency: Swedish Civil Contingency Agency

Available from: 2011-12-08 Created: 2011-12-08 Last updated: 2018-05-03Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records BETA

Hedström, KarinKolkowska, EllaKarlsson, Fredrik

Search in DiVA

By author/editor
Hedström, KarinKolkowska, EllaKarlsson, Fredrik
By organisation
Swedish Business School at Örebro University
In the same journal
Journal of strategic information systems
Human Aspects of ICTInformation Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 790 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf