TUTCRIS - Tampereen teknillinen yliopisto

TUTCRIS

A Practice Lens for Understanding the Organizational and Social Challenges of Information Security Management

Tutkimustuotosvertaisarvioitu

Yksityiskohdat

AlkuperäiskieliEnglanti
OtsikkoProceedings of the 20th Pacific Asia Conference on Information Systems (PACIS 2016)
ISBN (elektroninen)9789860491029
TilaJulkaistu - 2016
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisussa
TapahtumaPacific Asia Conference on Information Systems -
Kesto: 1 tammikuuta 2014 → …

Conference

ConferencePacific Asia Conference on Information Systems
Ajanjakso1/01/14 → …

Tiivistelmä

As the cost and amount of information security breaches continue to rise, information security management becomes vital for organizations. Often organization seek advice from information security management standards and other frameworks to manage their information security. Such standards and frameworks depict information security management as a rational, systematic and linear process and leave out the complexity and uncertainty of real-life settings. In particular, they pay little attention to the organizational and social challenges inherent in information security management. Therefore, this study draws on the practice theory to develop a practice lens for understanding how people, practices and what happens in practice interact and create such challenges. This lens depicts information security management as emerging from mundane aspects of information security management work and from the enacted social structures of and events arising at an organization and its environment and enables a deeper understanding of the organizational and social challenges. After developing this lens, it is illustrated and elaborated through an ethnographic study at an IT service provider, and its contributions to research and practice discussed.

Julkaisufoorumi-taso

Tilastokeskuksen tieteenalat