Change search
ReferencesLink to record
Permanent link

Direct link
Linking Information Security Awareness to Information Security Management Strategy.A Study in an IT Company
Linnaeus University, Faculty of Technology, Department of Informatics.
2015 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

There is a great concern when it comes to the investigation of the parameters that affect the formulation of an information security management strategy in an organization. Amongst others, information security awareness is of great interest, mainly because it links the implementation of the information security policies to the consciousness and the psychology of the employees of an organization. State it otherwise, the information security awareness positively beholds the role of a bridge so as to help the IS managers to evaluate the level that the critical information of the organization are secured, and it offers to IS managers opportunities to develop suitable training programs and information security policies for all the employees of an organization. In the current thesis, we focused on the investigation of the factors that influence the behavior of the employees in order to accept any information security policy of the organization and to adopt information security awareness.The psychology of security and technology (POST™) framework (Layton, 2005) together with a PEST (Political, Economic, Social, Technology) analysis guide the investigation and offer the theoretical background for the conduction of a study in an IT Company. A qualitative research has been conducted and semi-structured interviews helped for the collection of the desired data. Also a thematic analysis and the use of a generic approach (Lichtman, 2013) helped for the analysis of the data. The final results gave the ability to identify in practice the employees’ information security awareness adoption level, to link the measurement findings to the development of an information security management strategy and to refine the POST™ framework for its greater advance.

Place, publisher, year, edition, pages
2015. , 111 p.
Keyword [en]
Information security awareness, information security policies, compliance, psychology, security, measurement, information security management strategies, information security training programs, POST™ framework, PEST analysis.
National Category
Other Engineering and Technologies
URN: urn:nbn:se:lnu:diva-45894OAI: diva2:849020
Subject / course
Educational program
Master Programme in Information Systems, 120 credits
Available from: 2015-08-27 Created: 2015-08-27 Last updated: 2015-08-27Bibliographically approved

Open Access in DiVA

fulltext(1642 kB)102 downloads
File information
File name FULLTEXT01.pdfFile size 1642 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Spandonidis, Bladimiros
By organisation
Department of Informatics
Other Engineering and Technologies

Search outside of DiVA

GoogleGoogle Scholar
Total: 102 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 452 hits
ReferencesLink to record
Permanent link

Direct link