Extracting useful information from security assessment interviews

Proceedings of the Annual Hawaii International Conference on System Sciences

Volumn 6, Issue , 2006, Pages

  Stanton, Jeffrey M ^a   Fagnot, Isabelle J ^a  

^a SYRACUSE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

MEDIUM-SIZED ORGANIZATIONS; SECURITY AUDITING; TECHNICAL INFRASTRUCTURE;

DATA PRIVACY; MANAGERS; PERSONNEL; SECURITY OF DATA; SOCIETIES AND INSTITUTIONS; SYSTEMS ANALYSIS;

INFORMATION RETRIEVAL;

EID: 33749599144     PISSN: 15301605     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HICSS.2006.180     Document Type: Conference Paper

References (19)

1. Burnard, P. "A method of analyzing interview transcripts in qualitative research." Nurse Education Today, 1991, 11, 461-466.
2. Burnard, P. "Searching for meaning: a method of analyzing interview transcripts with a personal computer." Nurse Education Today, 1994, 14, 111-117.
3. Champlain, J.J., Auditing Information Systems, John Wiley, Hoboken, NJ, 2003.
4. Chatterjee, K., Morton, S. and Mukherji, A., "Strategic Audit Policies Without Commitment", 1999, mimeo.
5. Clarke, A. Evaluation research: An introduction to principles, methods, and practice. Sage, London, 1999.
6. Gordon, L.A., Loeb, M.P. and Sohail, T. "A Framework for Using Insurance For Cyber-Risk Management", Communication of the ACM, 2003, 46(3), 81-85.
7. Hermann, D.S., Using the Common Criteria for IT Security Evaluation, Auerbach Publications, Boca Raton, Fia., 2003.
8. Hunton, J.E., Bryant, S.M., and Bagranoff, N.A., Core Concepts of Information Technology Auditing, Wiley, Hoboken, NJ, 2004.
9. Kotulic A.G. and Clark, G.J., "Why there aren't more information security research studies", Information & Management, 2004, 41, 597-607.
10. Krauss, L.I., SAFE: Security audit and field evaluation for computer facilities and information systems, AMACOM, New York, 1980.
11. Myers, M.D. "Qualitative Research in Information Systems", MISQ Discovery, June 1997.
12. Myers, M.D. & Walsham, G. "Exemplifying interpretive research in information systems: an overview", Journal of Information Technology, December 1998, 13 (4), 233-234.
13. Neuendorf, K.A. The content analysis guidebook. Sage, Thousand Oaks, CA, 2002.
14. Peltier, T.R., Information Security Risk Analysis, Auerbach Publications, Boca Raton, Fia., 2001.
15. Rubin, H.J. & Rubin, I.S. Qualitative Interviewing: The Art of Hearing Data. Second Edition. Sage, Thousand Oaks, CA, 2005.
16. Senft, S., Daniel, P., Ph.D. Manson, Gonzales, C., and Gallegos, F., Information Technology Control and Audit, Second Edition, Auerbach Publications, Boston, MA, 2004.
17. Vidalis, S., "A Critical Discussion of Risk and Threat Analysis Methods and Methodologies", School of Computing Technical Report CS-04-03, 2004.
18. Winkler, I. "Audits, assessments & test (oh, my)", Information Security Magazine, 2000.
19. Walsham, G. Interpreting Information Systems in Organizations. Wiley, Chichester, 1993.