Information systems security policies: A contextual perspective

Computers and Security

Volumn 24, Issue 3, 2005, Pages 246-260

  Karyda, Maria ^a   Kiountouzis, Evangelos ^a   Kokolakis, Spyros ^b  

^a ATHENS UNIVERSITY OF ECONOMICS AND BUSINESS   (Greece)

^b UNIVERSITY OF THE AEGEAN   (Greece)

Author keywords

Contextualism; Information systems; Security awareness; Security policy adoption; Security policy implementation

Indexed keywords

DYNAMICS; INFORMATION MANAGEMENT; PUBLIC POLICY; RISKS; SECURITY OF DATA; SOCIETIES AND INSTITUTIONS; STATISTICAL METHODS;

CONTEXTUALISM; INFORMATION SYSTEMS; SECURITY AWARENESS; SECURITY POLICY ADOPTION; SECURITY POLICY IMPLEMENTATION;

INTERNET;

EID: 18844431067     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2004.08.011     Document Type: Article

References (33)

1. S. Alter A general, yet useful theory of information systems Communications of the Association for Information Systems 1 1999 Article 13
2. A. Ammeter, C. Douglas, W. Gardner, W. Hochwarter, and G. Ferris Toward a political theory of leadership The Leadership Quarterly 13 2002 751 796
3. C. Avgerou Information systems and global diversity 2002 Oxford University Press p. 152-74
4. R. Baskerville, and M. Siponen An information security meta-policy for emergent organizations Journal of Logistics Information Management 15 5/6 2002 337 346
5. I. Benbasat, D. Goldstein, and M. Mead The case research strategy in studies in information systems MIS Quarterly 1987 369 386
6. Björck F. Security Scandinavian style. Interpreting the practice of managing information systems in organisations. Ph.D. thesis. Stockholm University and Royal Institute of Technology; 2001.
7. G. Dhillon Managing information system security 1997 Macmillan Press
8. K. Eisenhardt Building theories from case study research Academy of Management Review 14 4 1989 532 550
9. M. Eloff, and S. von Solms Information security management: a hierarchical framework for various approaches Computers and Security 19 3 2000 243 256
10. D. Gritzalis A baseline security policy for distributed healthcare information systems Computers and Security 16 8 1997 709 719
11. K. Höne, and J. Eloff Information security policy - what do international information security standards say? Computers and Security 21 5 2002 402 409
12. K. Höne, and J. Eloff What makes an effective security policy? Network Security 6 1 2002 14 16
13. P. Jarvinen Research questions guiding selection of an appropriate research method H.R. Hansen M. Bichler H. Maher Proceedings of the eighth European conference on information systems 2000 Vienna University of Economics and Business Administration
14. M. Karyda, S. Kokolakis, and E. Kiountouzis Redefining information systems security: viable information systems Proceedings of the 16th IFIP international conference on information security (SEC 2001), June 2001 2001 Kluwer Academic Publishers Paris, France
15. M. Karyda, S. Kokolakis, and E. Kiountouzis Content, context, process analysis of IS security policy formation D. Gritzalis Security and privacy in the age of uncertainty, Proceedings of the 18th IFIP international conference on information security 2003 Kluwer Academic Publishers
16. H. Mintzberg The organization as political arena Journal of Management Studies 22 1985 133 154
17. T. Peltier Information security policies and procedures: a practitioner's reference 1999 CRC Press
18. A. Pettigrew Context and action in the transformation of the firm Journal of Management Studies 24 6 1987 649 670
19. A. Pettigrew What is processual analysis? Scandinavian Journal of Management 13 4 1997 337 348
20. A. Pettigrew, and R. Whipp Managing change for competitive success 1993 Blackwell
21. M. Siponen A conceptual foundation for organizational information security awareness Information Management and Computer Security 8 1 2000 31 41
22. M. Siponen Policies for construction of information systems' security guidelines S. Qing J.H.P. Eloff Information security for global information infrastructures 2000 Kluwer Academic Publishers 112 120
23. M. Siponen Designing secure information systems and software Ph.D. thesis 2002 University of Oulu, Oulu University Press
24. V. Symons A review of information systems evaluation: content, context and process Journal of Information Systems 1 3 1991 205 212
25. C. Trompeter, and J. Eloff A framework for the implementation of socio-ethical controls in information security Computers and Security 20 5 2001 384 391
26. UK Central Computer and Telecommunications Agency CCTA risk analysis and management method: user manual 2002 HMSO London Version 5.0
27. G. Walsham Interpretive case studies in IS research: nature and method European Journal of Information Systems 4 1995 74 81
28. G. Walsham, and T. Waema Information systems strategy and implementation: a case study of a building society ACM Transactions on Information Systems 12 2 1994 150 173
29. M. Warren Security practice: survey evidence from three countries Logistics Information Management 15 5/6 2002 347 351
30. M. Whitman, A. Towsend, and R. Aalberts Information systems security and the need for policy G. Dhillon Information security management: global challenges in the new millennium 2001 Idea Group Publishing
31. C. Wood Security policies made easy 1999 Baseline Software
32. C. Wood An unappreciated reason why security policies fail Computer Fraud and Security 10 2000 13 14
33. R. Yin Case study research: design and methods 1994 Sage Publications