Analyzing Value Conflicts for a Work-Friendly ISS Policy Implementation

Abstract : Existing research shows that the Information Systems Security policies’ (ISSPs) inability to reflect current practice is a perennial problem resulting in users’ non-compliant behaviors. While the existing compliance approaches are beneficial in many ways, they do not consider the complexity of Information Systems Security (ISS) management and practice where different actors adhere to different and sometimes conflicting values. The unsolved value conflicts often lead to unworkable ISS processes and users’ resistance. To address this shortcoming, this paper suggests a value conflicts analysis as a starting point for implementing work-friendly ISSPs. We show that the design and implementation of a work-friendly ISSP should involve the negotiation for different values held by the different actors within an organization.
Document type :
Conference papers
Complete list of metadatas

Cited literature [31 references]  Display  Hide  Download

https://hal.inria.fr/hal-01518254
Contributor : Hal Ifip <>
Submitted on : Thursday, May 4, 2017 - 1:45:46 PM
Last modification on : Thursday, February 21, 2019 - 10:31:47 AM
Long-term archiving on : Saturday, August 5, 2017 - 1:26:51 PM

File

978-3-642-30436-1_28_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Ella Kolkowska, Bart Decker. Analyzing Value Conflicts for a Work-Friendly ISS Policy Implementation. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. pp.339-351, ⟨10.1007/978-3-642-30436-1_28⟩. ⟨hal-01518254⟩

Share

Metrics

Record views

68

Files downloads

148