Analyzing Value Conflicts for a Work-Friendly ISS Policy Implementation

Abstract : Existing research shows that the Information Systems Security policies’ (ISSPs) inability to reflect current practice is a perennial problem resulting in users’ non-compliant behaviors. While the existing compliance approaches are beneficial in many ways, they do not consider the complexity of Information Systems Security (ISS) management and practice where different actors adhere to different and sometimes conflicting values. The unsolved value conflicts often lead to unworkable ISS processes and users’ resistance. To address this shortcoming, this paper suggests a value conflicts analysis as a starting point for implementing work-friendly ISSPs. We show that the design and implementation of a work-friendly ISSP should involve the negotiation for different values held by the different actors within an organization.
Type de document :
Communication dans un congrès
Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.339-351, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_28〉
Liste complète des métadonnées

Littérature citée [31 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01518254
Contributeur : Hal Ifip <>
Soumis le : jeudi 4 mai 2017 - 13:45:46
Dernière modification le : jeudi 4 mai 2017 - 14:53:52
Document(s) archivé(s) le : samedi 5 août 2017 - 13:26:51

Fichier

978-3-642-30436-1_28_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Ella Kolkowska, Bart Decker. Analyzing Value Conflicts for a Work-Friendly ISS Policy Implementation. Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.339-351, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_28〉. 〈hal-01518254〉

Partager

Métriques

Consultations de la notice

36

Téléchargements de fichiers

14