oru.sePublikationer
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Inter-organisational information security: a systematic literature review
Örebro University, Orebro University School of Business, Örebro University, Sweden.ORCID iD: 0000-0002-3265-7627
Örebro University, Orebro University School of Business, Örebro University, Sweden.
Örebro University, Orebro University School of Business, Örebro University, Sweden. (INTERORG)ORCID iD: 0000-0002-6646-9798
2016 (English)In: Information & Computer Security, ISSN 2056-4961, Vol. 24, no 5, 418-451 p.Article in journal (Refereed) Published
Abstract [en]

Purpose: The purpose of this paper is to survey existing inter-organisational information securityresearch to scrutinise the kind of knowledge that is currently available and the way in which thisknowledge has been brought about.

Design/methodology/approach: The results are based on a literature review of inter-organisational information security research published between 1990 and 2014.

Findings: The authors conclude that existing research has focused on a limited set of research topics.A majority of the research has focused management issues, while employees’/non-staffs’ actualinformation security work in inter-organisational settings is an understudied area. In addition, themajority of the studies have used a subjective/argumentative method, and few studies combinetheoretical work and empirical data.

Research limitations/implications: The findings suggest that future research should address abroader set of research topics, focusing especially on employees/non-staff and their use of processes andtechnology in inter-organisational settings, as well as on cultural aspects, which are lacking currently;focus more on theory generation or theory testing to increase the maturity of this sub-field; and use abroader set of research methods.

Practical implications: The authors conclude that existing research is to a large extent descriptive,philosophical or theoretical. Thus, it is difficult for practitioners to adopt existing research results, suchas governance frameworks, which have not been empirically validated.

Originality/value: Few systematic reviews have assessed the maturity of existinginter-organisational information security research. Findings of authors on research topics, maturity andresearch methods extend beyond the existing knowledge base, which allow for a critical discussionabout existing research in this sub-field of information security.

Place, publisher, year, edition, pages
Emerald Group Publishing Limited, 2016. Vol. 24, no 5, 418-451 p.
Keyword [en]
Information security, Literature review, Inter-organisational, State-of-the-art review
National Category
Information Systems, Social aspects
Identifiers
URN: urn:nbn:se:oru:diva-53801DOI: 10.1108/ICS-11-2016-091ISI: 000393465000001Scopus ID: 2-s2.0-84995953660OAI: oai:DiVA.org:oru-53801DiVA: diva2:1052237
Funder
Swedish Civil Contingencies Agency
Available from: 2016-12-05 Created: 2016-12-05 Last updated: 2017-03-13Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Karlsson, FredrikKolkowska, EllaPrenkert, Frans
By organisation
Orebro University School of Business, Örebro University, Sweden
Information Systems, Social aspects

Search outside of DiVA

GoogleGoogle Scholar

Altmetric score

Total: 166 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf