Cultivating Corporate Information Security Obedience
نویسندگان
چکیده
One of the most prevalent problems with regard to protecting information assets is the behaviour of employees. Moreover, the behaviour of employees is, to a large extent, determined by the corporate culture of an organisation. Senior management, as part of its corporate governance responsibilities, must define a vision for information security in its organisation. An ideal corporate culture, in terms of information security, would be one where the de facto behaviour of employees is to satisfactorily protect information assets. This paper will expand Schein’s corporate culture model into two dimensions, detailing both management and employee’s behaviour in terms of information security and the three levels of corporate culture. A diagram detailing the Driving and Restraining Forces involved in the process of culture change will be detailed and the paper will conclude by investigating the Force Field Analysis process.
منابع مشابه
Critical Success Factors in implementing information security governance (Case study: Iranian Central Oil Fields Company)
The oil industry, as one of the main industries of the country, has always faced cyber attacks and security threats. Therefore, the integration of information security in corporate governance is essential and a governance challenge. The integration of information security and corporate governance is called information security governance. In this research, we identified "critical success factor...
متن کاملSocial Groupings and Information Security Obedience Within Organizations
Individuals’ compliance with information security policies is important for the overall security of organizations. It has been suggested that obedience cultures exist in organizations and that social processes and structures play a role for the compliance intentions and compliance behavior of individuals. This paper investigates if individuals’ compliance intention is more homogenous within soc...
متن کاملCorporate Governance: Information security the weakest link?
Information is an important asset of any organisation and the protection of this asset, through information security is equally important. This paper examines the relationship between corporate governance and information security and the fact that top management is responsible for high-quality information security.
متن کاملThe Causal Model of Corporate Identity,Security Leadership, and Work Ethics
This research is based on the investigation of the relations between corporate identity, security leadership, and work ethics among the Shiraz University’s staffs. This research is practical and the data collection was done with descriptive correlative method. The statistical populations are the Shiraz University’s staffs and their numbers are 982. The sample size is 288 and they are chosen ran...
متن کامل