Change search
CiteExportLink to record
Permanent link

Direct link
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Combining ISMS with strategic management: The case of BYOD
University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre. (Information Systems)
2015 (English)In: Information Systems 2015: Proceedings of the 8th IADIS International Conference / [ed] Miguel Baptista Nunes, Pedro Isaias, Philip Powell, IADIS Press, 2015, 161-168 p.Conference paper, Published paper (Refereed)
Abstract [en]

Bring Your Own Device (BYOD) (where employees use their private devices for work) causes problems for organisations since their management systems are seldom designed for this purpose. If BYOD is not adequately regulated, many security and privacy issues may result. This paper proposes an analysis-design-action framework for designing a suitable security management strategy by combining Johnson and Scholes’ strategic management model with the ISO/IEC 27000-series.

Place, publisher, year, edition, pages
IADIS Press, 2015. 161-168 p.
Keyword [en]
ISO/IEC 27000-series, BYOD, Information Security Management, Strategic Management
National Category
Information Systems
URN: urn:nbn:se:his:diva-10931ISBN: 978-989-8533-33-3 OAI: diva2:811620
8th IADIS International Conference on Information Systems 2015, 14–16 March, Madeira, Portugal

The full-text published here is a reprint from a paper published in the Proceedings of the 8th IADIS International Conference on Information Systems 2015, IADIS,

Available from: 2015-05-12 Created: 2015-05-12 Last updated: 2017-11-27Bibliographically approved
In thesis
1. Mobile Device Strategy: A management framework for securing company information assets on mobile devices
Open this publication in new window or tab >>Mobile Device Strategy: A management framework for securing company information assets on mobile devices
2016 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

The problem addressed by this research is a demand for increased flexibility in access to organisational information, driven by the increasing popularity of mobile devices. Employees increasingly bring private devices to work (Bring Your Own Device, BYOD) or use work devices for private purposes (Choose Your Own Device, CYOD). This puts managers in a difficult position, since they want the benefits of mobility, without exposing organisational data to further risk. The research focuses on management (particularly information security management) issues in the design and implementation of strategies for mobile devices.  There are two objectives. The first is to identify existing information security management strategies for mobile and dual-use devices. The second is to develop a framework for analysing, evaluating and implementing a mobile device strategy.

The overall research strategy is inspired by Design Science; where the mission is to develop an artefact, in this case a framework, which will help to solve a practical problem. Methods include literature review, theoretical development, and the collection and analysis of qualitative data through interviews with executives. The main result of this work is the framework, which deals with the complete process, including analysis, design and implementation of a mobile device management strategy. It helps researchers to understand necessary steps in analysing phenomenon like BYOD and gives practitioners guidance in which analyses to conduct when working on strategies for mobile devices. The framework was developed primarily through theoretical work (with inspiration from the mobile security and strategic management literature, and the ISO/IEC 27000 standard), and evaluated and refined through the empirical studies. The results include twelve management issues, a research agenda, argumentation for CYOD and, guidance for researchers and practitioners.

Place, publisher, year, edition, pages
Skövde: University of Skövde, 2016. 76 p.
Dissertation Series, 15 (2016)
Strategic Management, Mobile device, Information security, information security management, information management, BYOD, CYOD, mobile strategy, mobile device strategy, management framework
National Category
Information Systems
urn:nbn:se:his:diva-13125 (URN)978-91-982690-5-5 (ISBN)
2016-11-29, G207, Högskolan i Skövde, Skövde, 13:00 (English)
Knowledge Foundation
Available from: 2016-12-05 Created: 2016-11-22 Last updated: 2017-11-27Bibliographically approved

Open Access in DiVA