liu.seSearch for publications in DiVA
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Practice-based discourse analysis of information security policies
Örebro University, Sweden.
Örebro University, Sweden.
Linköpings universitet, Institutionen för ekonomisk och industriell utveckling, Informatik. Linköpings universitet, Filosofiska fakulteten.
2017 (engelsk)Inngår i: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 67, s. 267-279Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

To address the "insider" threat to information and information systems, an information security policy is frequently recommended as an organisational measure. However, having a policy in place does not necessarily guarantee information security. Employees poor compliance with information security policies is a perennial problem for many organisations. It has been shown that approximately half of all security breaches caused by insiders are accidental, which means that one can question the usefulness of current information security policies. We therefore propose eight tentative quality criteria in order to support the formulation of information security policies that are practical from the employees perspective. These criteria have been developed using practice-based discourse analysis on three information security policy documents from a health care organisation. (C) 2016 Elsevier Ltd. All rights reserved.

sted, utgiver, år, opplag, sider
ELSEVIER ADVANCED TECHNOLOGY , 2017. Vol. 67, s. 267-279
Emneord [en]
Information security policy; Discourse analysis; Communicative analysis; Quality criteria; Policy design
HSV kategori
Identifikatorer
URN: urn:nbn:se:liu:diva-138226DOI: 10.1016/j.cose.2016.12.012ISI: 000401213200018OAI: oai:DiVA.org:liu-138226DiVA, id: diva2:1109396
Konferanse
30th IFIP TC 11 International Information Security and Privacy Conference (SEC)
Merknad

Funding Agencies|Swedish Civil Contingencies Agency [2011-388]

Tilgjengelig fra: 2017-06-14 Laget: 2017-06-14 Sist oppdatert: 2018-01-13

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Forlagets fulltekst

Søk i DiVA

Av forfatter/redaktør
Goldkuhl, Göran
Av organisasjonen
I samme tidsskrift
Computers & security (Print)

Søk utenfor DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric

doi
urn-nbn
Totalt: 825 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf