Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Information Security Policies: A Frames of Reference Perspective
2011 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Researchers and information security professionals share an understanding of information securitypolicies as the foundation of organizational information security. A major concern for informationsecurity professionals is that only seldom do these policies bring about the expected outcomes. Inefforts to understand this problem, researchers have concentrated on different approaches formotivating end-users to comply with the information security policies but left the differences inorganizational groups and their expectations of these policies for little attention. This thesisanalyzes the impact of key organizational groups' perceptions of information security policies to theimplementation and use of these policies in the light of a theoretical framework that draws on theliterature on frames of reference and on information security policies. We propose a concept ofInformation Security Policy Frames of Reference (ISPFOR) as a means for understanding theseperceptions and their consequences. Our empirical findings from an interpretive case studyhighlight that organizational groups' perceptions of information security policies deserve attentionin regard to formulating and implementing information security policies in organizations. The thesisconcludes by arguing that frames of reference perspective, a perspective prominent in informationsystems research but not yet applied in the context of information security policies, offers acompelling explanation for problems around information security policy implementation and use inorganizations and provides new insight into employees' perceptions of information security policies.

Place, publisher, year, edition, pages
2011. , 78 p.
Keyword [en]
Technology
Keyword [sv]
Teknik, IS security, information security policies, information security management, frames of reference, interpretive research
Identifiers
URN: urn:nbn:se:ltu:diva-54400Local ID: b5b4da79-52dc-4ae9-9798-480e6c411567OAI: oai:DiVA.org:ltu-54400DiVA: diva2:1027781
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level
Supervisors
Note
Validerat; 20110607 (anonymous)Available from: 2016-10-04 Created: 2016-10-04Bibliographically approved

Open Access in DiVA

fulltext(488 kB)116 downloads
File information
File name FULLTEXT02.pdfFile size 488 kBChecksum SHA-512
0ccf7db1c50a41e1436a27be85d5a826e7f1b6dd9815d752e1d42fca78e98110b58a9c722ed162d79e37e744a39e39d31fa2db7429401a17027b67500e967fce
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Laaksonen, ElinaNiemimaa, Marko

Search outside of DiVA

GoogleGoogle Scholar
Total: 116 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 212 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf