The long-term effects of information security e-learning on organizational learning

Information Management & Computer Security

Volumn 19, Issue 3, 2011, Pages 140-154

  Hagen, Janne ^a   Albrechtsen, Eirik ^a   Ole Johnsen, Stig ^a  

^a NORWEGIAN UNIVERSITY OF SCIENCE AND TECHNOLOGY   (Norway)

Author keywords

Awareness; Behaviour; E learning; Information security; Intervention study; Organizational learning

Indexed keywords

ACTION RESEARCH; AWARENESS; BEHAVIOUR; CONTROL GROUPS; COURSEWARE; DESIGN/METHODOLOGY/APPROACH; E-LEARNING TOOL; HUMAN INTERVENTION; INFORMATION SECURITY AWARENESS; INTERVENTION STUDY; LONG-TERM EFFECTS; ORGANIZATIONAL LEARNING; RESEARCH LIMITATIONS; RESPONSE RATE; SECURITY AWARENESS;

E-LEARNING; HUMAN RESOURCE MANAGEMENT; KNOWLEDGE MANAGEMENT; RESEARCH; SURVEYS;

SECURITY OF DATA;

EID: 79960754088     PISSN: 09685227     EISSN: None     Source Type: Journal    
DOI: 10.1108/09685221111153537     Document Type: Article

References (24)

1. Albrechtsen, E. (2008), “Friend or foe? Information security management of employees”, PhD dissertation, Theses No. 2008: 101, Norwegian University of Science and Technology (NTNU), Trondheim.
2. Argyris, C. and Schön, D. (1978), Organizational Learning: A Theory of Action Perspective, Addison-Wesley, Reading, MA.
3. Brown, J.S. and Duguid, P. (1991), “Organizational learning and communities-of-practise: toward a unified view of working, learning and innovation”, Organizational Science, Vol. 2 No. 1, pp. 40-57.
4. Cone, B.D., Irvine, C.E., Thompson, M.F. and Nguyen, T.D. (2007), “A video game for cyber security training and awareness”, Computers and Security, Vol. 26, pp. 63-72.
5. Denis, G. and Jouvelot, P. (2005), “Motivation-driven educational game design: applying best practices to music education”, in Ed. Lee, N. (Ed.), Proceedings of the International Conference on Advances in Computer Entertainment Technology, ACM Press, New York, NY.
6. Dings⊘yr, T. and Moe, N.B. (2008), “The impact of employee participation on the use of an electronic process guide: a longitudinal case study”, IEEE Transactions on Software Engineering, Vol. 34 No. 2, pp. 212-226.
7. ENISA (2007), Information Security Awareness Initiatives: Current Practice and the Measurement of Success, European Network and Information Security Agency (ENISA), Crete.
8. Garris, R., Ahlers, R. and Driskell, J. (2002), “Games, motivation and learning: a research and practice model”, Simulation and Gaming, Vol. 33 No. 4, pp. 441-7.
9. Goldenhar, L.M. and Schulte, P.A. (1994), “Intervention research in occupational health and safety”, Journal of Occupational Medicine, Vol. 36 No. 7, pp. 763-775.
10. Hagen, J. (2009 a), “How do employees comply with security policy? A comparative case study of four organizations under the Norwegian Security Act”, The Human Factor Behind the Security Perimenter, Evaluating the Effectiveness of Organizational Information Security Measures and Employees' Contributions to Security, Doctoral dissertation, Faculty of Mathematics and Natural Science, University of Oslo, Oslo.
11. Hagen, J. (2009 b), “Human relationships: a never-ending security education challenge?”, IEEE Security and Privacy, pp. 72-74.
12. Hagen, J. and Albrechtsen, E. (2009), “Effects on employees' information security abilities by e-learning”, Information Management & Computer Security, Vol. 17 No. 5, pp. 388-407.
13. Hagen, J., Irvine, C. and Thompson, A. (2009), “A preliminary study of barriers to engagement in cybersiege”, Technical Report, NPS-CS-09-006, Naval Postgraduate School, Monterey, CA.
14. Kristensen, T.S. (2005), “Intervention studies in occupational epidemiology”, Occupational and Environmental Medicine, Vol. 62 No. 3, pp. 205-210.
15. Nonaka, I. and Takeuchi, H. (1995), The Knowledge Creating Company, Oxford University Press, New York, NY.
16. Rentroia, M.A., Jorge, J. and Ghauoui, C. (2006), “Motivation to e-learn without organizational settings: an exploratory factor structure”, International Journal Distance Education Technologies, Vol. 4 No. 3, pp. 24-35.
17. Ringdal, K. (2001), Enhet og mangfold: samfunnsvitenskapelig forskning og kvantitativ metode (in Norwegian) (Unity and Diversity: Social Science and Quantitative Methods), Fagbokforlaget, Bergen.
18. Robson, L.S., Shannon, H.S., Goldenhar, L.M. and Hale, A.R. (2001), Guide to Evaluating the Effectiveness of Strategies for Preventing Work Injuries: How to Show Whether a Safety Intervention Really Works, NIOSH, Cincinnati, OH (NIOSH Publication No. 2001-119).
19. Schneier, B. (2004), Secrets and Lies: Digital Security in a Networked World, Wiley, Indianapolis, IN.
20. Schultz, E. (2005), “The human factor in security”, Computers and Security, Vol. 24 No. 6, pp. 425-6.
21. Wang, A.J.A. and Yestko, K. (2005), “Building reusable information security courseware”, paper presented at the Information Security Curriculum Development Conference, Kennesaw, GA, 23-24 September.
22. Ward, P. and Smith, C.L. (2002), “The development of access control policies for information technology systems”, Computers and Security, Vol. 21 No. 4, pp. 365-371.
23. Weick, K.E. (1991), “The non-traditional quality of organizational learning”, Organizational Science, Vol. 2 No. 1, pp. 116-124.
24. Yuiki, G. (2009), “Leadership and organizational learning”, The Leadership Quarterly, Vol. 20 No. 1, pp. 49-53.