Title

Towards an organizational culture framework for information security practices

Document Type

Book Chapter

Publisher

IGI Global

Faculty

Faculty of Computing, Health and Science

School

ECU Security Research Institute

RAS ID

14571

Comments

This chapter was originally published as: Soon Lim, J., Chang, S., Ahmad, A. , & Maynard, S. (2012). Towards an organizational culture framework for information security practices. In M Gupta, J Walp, R Sharman, (Eds.). Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions (pp. 296-315). IGI Global.

Abstract

In organizations, employee behaviour has a considerable impact on information security. The organizational culture (OC) that shapes acceptable employee behaviours is therefore significant. A large body of literature exists that calls for the cultivation of security culture to positively influence information security related behaviour of employees. However, there is little research examining OC that enables the implementation of information security. The authors address the unsubstantiated claim that there is an important relationship between OC and the ability to successfully implement information security. Findings suggest that security practices can be successfully implemented within eight organizational culture characteristics. Investigation of these organizational culture characteristics from a security perspective is an important step toward future empirical research aimed at understanding the relationship between OC and the implementation of systematic improvement of security practices. The research and practical implications of these findings are discussed, and future research areas are explored.

DOI

10.4018/978-1-4666-0197-0.ch017

Share

 
COinS