Knowledge management within information security: The case of Barings Bank

International Journal of Business Information Systems

Volumn 3, Issue 6, 2008, Pages 652-667

  Kesar, Shalini ^a  

^a SOUTHERN UTAH UNIVERSITY   (United States)

Author keywords

Computer fraud; KM; Knowledge Management; Management of information security; Opportunities; Technical and social aspects of information security

Indexed keywords

EID: 47049105607     PISSN: 17460972     EISSN: 17460980     Source Type: Journal    
DOI: 10.1504/IJBIS.2008.018996     Document Type: Article

References (65)

1. Audit Commission (1998) Ghost in the Machine - An Analysis of IT Fraud & Abuse, Milton Park, Abingdon, Oxon: HMSO.
2. Audit Commission (2001) Community Safety Partnership, London: HMSO.
3. Audit Commission (2005) IT Fraud and Abuse, London: HMSO.
4. Backhouse, J. and Dhillon, G. (1996) 'Structures of responsibility and security of information systems', European Journal of Information Systems, Vol. 5, No. 1, pp.2-9.
5. Balsmeier, P. and Kelly, J. (1996) 'The ethics of sentencing white-collar criminals', Journal of Business Ethics, Vol. 15, No. 2, pp.143-152.
6. Bank of England Report (1995) Report of the Board of Banking Supervision: Inquiry into the Circumstances of the Collapse of Barings HMSO.
7. Belsis, P. and Kokolakis, S. (2005) 'Information systems security from a knowledge management perspective', Information Management & Computer Security, Vol. 13, No. 3, pp.189-202.
8. BSI (2002) 'Information security management - Part 2: Specification for information security management systems', BS 7799-2: 2002, London, British Standards Institute.
9. Call, D. (2005) 'Knowledge management science-not rocket science', Journal of Management Science, Vol. 9, No. 2, pp.19-30.
10. Conger, S., Loch, K.D. and Helft, B.L. (1995) 'Ethics and information technology use: A factor analysis of attitudes to computer use', Information Systems Journal, Vol. 6, No. 4, pp.161-184.
11. Croall, H. (1992) White-collar Crime, Milton Keynes: Open University Press.
12. Croall, H. (2001) Understanding White-collar Crime, Buckingham: Open University Press.
13. CSI/FBI (2002) Computer Security Issues and Trends, San Francisco: CSI.
14. CSI/FBI (2004) Computer Crime Security Survey, San Francisco: CSI.
15. CSI/FBI (2005) Computer Security Issues and Trends, San Francisco: CSI.
16. CSI/FBI (2006) Computer Security Issues and Trends, San Francisco: CSI.
17. Dawson, S. (1992) Analysing Organisations, Macmillan Press.
18. Dhillon, G. (1997) Managing Information System Security, Macmillan Press.
19. Dhillon, G. (Ed.) (2001) Information Security Management Global Challenges in the New Millennium, Hershey, PA: Idea Group Publishing.
20. Dhillon, G. and Backhouse, J. (1995) 'Computer fraud: Its management and control', in J. Reuvid (Ed.) The Regulation and Prevention of Economic Crime Internationally, London: Kogan, pp.81-89.
21. Dhillon, G. and Backhouse, J. (2001) 'Current directions in IS security research: Toward socio-organisational perspectives', Information Systems Journal, Vol. 11, No. 2, pp.127-153.
22. Dhillon, G., Silva, L. and Backhouse, J. (2004) 'Computer crime at CEFORMA: A case study', International Journal of Information Management, Vol. 24, No. 6, pp.551-561.
23. Forester, T. and Morrison, P. (1994) Computer Ethics: Cautionary Tales and Ethical Dilemmas in Computing, Cambridge: The MIT Press.
24. Gapper, J. and Denton, N. (1996) All the Glitters, USA: Hamish Hamilton.
25. Gellerman, S.W. (1993) 'Managing ethics from the top down', Information Executive, The Journal of Information Systems Management, Vol. 2, No. 4.
26. Gerber, M., Solms, R.V. and Overbeek, R. (2001) 'Formalizing information security requirements', Information Management & Computer Security Vol. 9, No. 1, pp.32-37.
27. Goodhue, D.L. and Straub, D.W. (1989) 'Security concerns of system users: A proposed study of user perceptions of the adequacy of security measures', Proceedings of the 21st Hawaii International Conference on System Science (HICCS), Kina, HA.
28. Halliday, J. and von Solms, R. (1997) 'Effective information security policies', Information Technology on the Move, v. Solms, Port Elizabeth, Port Elizabeth Technikon, pp.12-20.
29. Harrington, S.J. (1995) 'Computer crime and abuse by IS employees: something to worry about?', Journal of Systems Management, Vol. 46, No. 2, pp.6-11.
30. Haugen, S. and Selin, J.R. (1999) 'Identifying and controlling computer crime and employee fraud', Industrial Management & Data Systems, Vol. 99, No. 8, pp.340-344.
31. Hinde, S. (2003) 'The law, cybercrime, risk assessment and cyber protection', Computers and Security, Vol. 22, No. 2, pp.90-95.
32. Hitchings, J. (1995) 'Deficiencies of the traditional approach to information security and the requirement for a new methodology', Computers & Security, Vol. 14, No. 5, pp.377-383.
33. Hoffer, J.A. and Straub, D.W. (1989) 'The 9 to 5 underground: Are you policing computer crimes?', Sloan Management Review, Vol. 30, No. 4, pp.35-44.
34. James, H. (1996) 'Managing information systems security: A soft approach', International Conference for Information Systems (ICIS) Cleveland, Ohio, USA, 16-18 December.
35. Johnson, D.G. and Mulvey, J.M. (1995) 'Accountability and computer decision systems', Communications of the ACM, Vol. 38, No. 12, pp.58-64.
36. Kesar, S. (2002) 'Management of computer misuse committed by employees within organisations', MPhil Thesis (Information Systems), De Montfort University, Leicester, p.351.
37. Krauss, L. (1980) SAFE: Security Audit and Field Evaluation for Computer Facilities and Information Systems, New York: Amacon.
38. Laudon, K.C. (1995) 'Ethical concepts and information technology', Communications of the ACM, Vol. 38, No. 12, pp.33-39.
39. Liebenau, J. and Backhouse, J. (1990) Understanding Information: An Introduction, London: MacMillan.
40. Magklaras, G.B. and Furnell, S.M. (2003) 'Insider threat prediction tool: Evaluating the probability of IT misuse', Computers & Security Vol. 21, No. 1, pp.62-73.
41. Magklaras, G.B. and Furnell, S.M. (2005) 'A preliminary model of end user sophistication for insider threat prediction in IT systems', Vol. 24, No. 5, pp.371-380.
42. McEvily, S.K. and Chakravarthy, B. (2002) 'The persistence of knowledge-based advantage: An empirical test for product performance and technological knowledge', Strategic Management Journal, Vol. 23, pp.285-305.
43. Mintzberg, H. (1979) The Structuring of Organisations, Englewoods Cliffs, NJ: Prentice-Hall.
44. Mintzberg, H. (1994) The Rise and Fall of Strategic Planning, New York: The Free Press.
45. Mintzberg, H. and McHugh, A. (1985) 'Strategy formation in an adhocracy', Administration Sciences, Vol. 30, No. 2, pp.160-197.
46. Neumann, P. (1991) 'Computer security and human values', National Conference on Computing and Values, South Connecticut State University, Research Center on Computing and Society, South Connecticut State University.
47. Nonaka, I. and Takecuchi, H. (1995) The Knowledge-creating Company Oxford: Oxford University Press.
48. Pohs, W. (2001) Practical Knowledge Management: The Lotus Discovery System, Double Oak: IBM Press.
49. Polanyi, M. (1966) The Tacit Dimension, London: Routledge & Kegan.
50. Polanyi, M. (1997) 'The tacit dimension', in L. Prusak (Ed.) Knowledge in Organizations, Boston, MA: Butterworth-Heinemann, pp.135-146.
51. Price Waterhouse Report (1995) 'Baring futures (Singapore) Pte Ltd: investigation pursuant to Section 231 of the Companies Act (Chapter 50)', in C.S.M. Lim and N.K.N. Tan (Eds.) The Report of the Inspectors from Price Waterhouse Appointed by the Minister of Finance September.
52. Randeree, E. (2006) 'Knowledge management: Securing the future', Journal of Knowledge Management, Vol. 10, No. 4, pp.145-156.
53. Rawnsley, J. (1995) Going for Broke: Nick Leeson and the Collapse of Barings Bank, Harper Collins.
54. Schultz, E.E. (2002) 'A framework for understanding and predicting insider attacks', Computers & Security, Vol. 21, No. 6, pp.526-531.
55. Senge, P., Kleiner, A., Roberts, C., Ross, R.G. and Smith, B. (1999) The Dance of Change: The Challenges to Sustaining Momentum in Learning Organisations, New York: Doubleday.
56. Siponen, M.T. (2000) 'A conceptual foundation for organizational information security awareness', Information Management & Computer Security, Vol. 8, No. 1, pp.31-41.
57. Siponen, M.T. (2001) 'An analysis of the recent IS security development approaches: Descriptive and prescriptive implications', in G. Dhillon (Ed.) Information Security Management: Global Challenges in the New Millennium, Hershey: Idea Group Publishing, pp.125-134.
58. Spinello, R.A. (1997) Case Studies in Information and Computer Ethics Upper Saddle River, NJ: Prentice-Hall.
59. Straub, D.W. (1990) 'Effective IS security: An empirical study', Information System Research, Vol. 1, No. 2, pp.255-277.
60. Straub, D.W. and Welke, R.J. (1998) 'Coping with systems risks: Security planning models for management decision making', MIS Quarterly, Vol. 22, No. 4, pp.441-464.
61. Thomson, M.E. and von Solms, R. (1998) 'Information security awareness: educating your users effectively', Information Management & Computer Security, Vol. 6, No. 4, pp.167-173.
62. Von Solms, R. (1998) 'Why information security is so important', Information Security Management, Vol. 6, No. 5, pp.224-225.
63. Warman, A.R. (1992) 'Organizational computer security policy: The reality', European Journal of Information Systems, Vol. 1, No. 5, pp.305-310.
64. Warman, A.R. (1993) Computer Security within Organisations, London: Macmillan Press.
65. Zander, U. and Kogut, B. (1995) 'Knowledge and the speed of the transfer and imitation of organizational capabilities: An empirical test', Organisation Science, Vol. 6, pp.76-92.