Change search
ReferencesLink to record
Permanent link

Direct link
Information Security Policies: A Frames of Reference Perspective
2011 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Researchers and information security professionals share an understanding of information securitypolicies as the foundation of organizational information security. A major concern for informationsecurity professionals is that only seldom do these policies bring about the expected outcomes. Inefforts to understand this problem, researchers have concentrated on different approaches formotivating end-users to comply with the information security policies but left the differences inorganizational groups and their expectations of these policies for little attention. This thesisanalyzes the impact of key organizational groups' perceptions of information security policies to theimplementation and use of these policies in the light of a theoretical framework that draws on theliterature on frames of reference and on information security policies. We propose a concept ofInformation Security Policy Frames of Reference (ISPFOR) as a means for understanding theseperceptions and their consequences. Our empirical findings from an interpretive case studyhighlight that organizational groups' perceptions of information security policies deserve attentionin regard to formulating and implementing information security policies in organizations. The thesisconcludes by arguing that frames of reference perspective, a perspective prominent in informationsystems research but not yet applied in the context of information security policies, offers acompelling explanation for problems around information security policy implementation and use inorganizations and provides new insight into employees' perceptions of information security policies.

Place, publisher, year, edition, pages
2011. , 78 p.
Keyword [en]
Keyword [sv]
Teknik, IS security, information security policies, information security management, frames of reference, interpretive research
URN: urn:nbn:se:ltu:diva-54400Local ID: b5b4da79-52dc-4ae9-9798-480e6c411567OAI: diva2:1027781
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level
Validerat; 20110607 (anonymous)Available from: 2016-10-04 Created: 2016-10-04Bibliographically approved

Open Access in DiVA

fulltext(488 kB)0 downloads
File information
File name FULLTEXT02.pdfFile size 488 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Laaksonen, ElinaNiemimaa, Marko

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

ReferencesLink to record
Permanent link

Direct link