From security policy to practice: Sending the right messages

Computer Fraud and Security

Volumn 2010, Issue 3, 2010, Pages 13-19

  Chipperfield, Caroline ^a   Furnell, Steven ^a  

^a UNIVERSITY OF PLYMOUTH   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

ORGANISATIONAL CHANGE; SECURITY POLICY; TARGET AUDIENCE;

SECURITY SYSTEMS;

EID: 77950580254     PISSN: 13613723     EISSN: None     Source Type: Journal    
DOI: 10.1016/S1361-3723(10)70025-7     Document Type: Article

References (14)

1. Fielding M. Effective Communication in organisations. 3rd Edition (2005), Juta and Company Ltd 14
2. Melcrum. Viral Communication in the Workplace - Practical new techniques for engaging employees and changing behaviours. Melcrum Research Report, July 2008 (2008). http://www.melcrum.com/store/products/product.shtml?id=300000126
3. Pattinson M., and Anderson G. "Risk Communication, Risk Perception and Information Security". In: Dowland P., Furnell S., Thuraisingham B., and Wang X.S. (Eds). Security Management, Integrity, and Internal Control in Information Systems (2005), Springer, New York 175-184
4. Grant, Ian. 2007. "Public sector staff 'ignore IT security'", Computer Weekly, 11 December 2007, p7.
5. ENISA. 2007. Information security awareness initiatives: Current practice and the measurement of success. European Network and Information Security Agency, July 2007.
6. Furnell, S. and Thomson, K. 2009. "From culture to disobedience: Recognising the varying user acceptance of IT security", Computer Fraud & Security, February 2009, pp5-10.
7. Maister D.H., Green C.H., and Galford R.M. The Trusted Advisor (2001), Touchstone, New York
8. SMS. "The Origins of the Influence Style Questionnaire", Situation Management Systems, Inc (2006). http://www.smsinc.com/resources/articles/origins_influence_style_questionnaire.html (accessed 28 December 2009)
9. Myers I.B., McCaulley M.H., Quenk N.L., and Hammer A.L. MBTI Manual (A guide to the development and use of the Myers Briggs type indicator). 3rd edition (1998), Consulting Psychologists Press
10. For reference, the dichotomies are: Extraversion - Introversion; Sensing - iNtuition, Thinking - Feeling; and Judging - Perceiving. Examples of resulting Myers-Briggs Type Indicator would then be ENFP or ISFJ.
11. Maslow A.H. "A Theory of Human Motivation". Psychological Review 50 4 (1943) 370-396
12. BERR. 2008. 2008 Information Security Breaches Survey - Technical Report. Department for Business Enterprise & Regulatory Reform. April 2008. URN 08/788.
13. Spurling P. "Promoting security awareness and commitment". Information Management & Computer Security 3 2 (1995) 20-26
14. Furnell, S., Papadaki, M. and Thomson, K. 2009. "Scare tactics - A viable weapon in the security war?", Computer Fraud & Security, December 2009, pp6-10.