Review of IS Security Policy Compliance: Toward the Building Blocks of an IS Security Theory

Balozian Puzant; Leidner Dorothy

首页> 外文期刊>The data base for advances in information systems >Review of IS Security Policy Compliance: Toward the Building Blocks of an IS Security Theory

【24h】

Review of IS Security Policy Compliance: Toward the Building Blocks of an IS Security Theory

机译：审查IS安全策略合规性：迈向IS安全理论的基础

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

An understanding of insider threats in information systems (IS) is important to help address one of the dangers lurking within organizations. This article provides a review of the literature on insider compliance (and failure of compliance) with information systems' policies in order to understand the status of IS research regarding negligent and malicious insiders. We begin by defining the terms, developing a new taxonomy of insiders, and then providing a comprehensive review of articles on IS policy compliance for the past 26 years. Grounding the analysis in the literature, we-inductively identify four themes to foster Information Security policy compliance among employees. The themes are: 1) IS management philosophy, 2) procedural countermeasures, 3) technical countermeasures, and 4) environmental countermeasures. We propose that future research can draw upon these themes and use them as the building blocks of an indigenous IS security theory.

机译：了解信息系统（IS）中的内部威胁对于帮助解决组织内部潜伏的危险之一很重要。本文提供了有关信息系统政策的内部人遵从性（以及遵从性失败）文献的综述，以了解有关过失和恶意内部人的信息系统研究的现状。我们首先定义术语，开发内部人员的新分类法，然后对过去26年中有关IS政策合规性的文章进行全面回顾。基于文献中的分析，我们归纳地确定了四个主题以促进员工之间的信息安全策略合规性。主题是：1）IS管理理念，2）程序对策，3）技术对策和4）环境对策。我们建议未来的研究可以利用这些主题，并将其用作本地IS安全理论的基础。

著录项

来源
《The data base for advances in information systems》 |2017年第3期|11-43|共33页
作者
Balozian Puzant; Leidner Dorothy;
展开▼
作者单位

Lebanese Amer Univ, Beirut, Lebanon;

Baylor Univ, Informat Syst, Waco, TX 76798 USA|Baylor Univ, PhD Program Informat Syst, Waco, TX 76798 USA|Lund Univ, Lund, Sweden;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
Insider Threat; Information Systems Security; Review; Compliance; Noncompliance; Information Systems Security Policy;

机译：内部威胁;信息系统安全;审查;合规性;不合规;信息系统安全策略;

相似文献

外文文献
中文文献
专利

1. Information Security Culture Dimensions in Information Security Policy Compliance Study: A Review [J] . Advanced Science Letters . 2018,第2期

机译：信息安全文化尺寸信息安全政策合规研究：审查
2. Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory [J] . Princely Ifinedo Computers & Security . 2012,第1期

机译：了解信息系统安全策略的遵从性：计划行为理论和保护动机理论的整合
3. Building an awareness-centered information security policy compliance model [J] . Koohang Alex, Anderson Jonathan, Nord Jeretta Horn, Industrial management & data systems . 2020,第1期

机译：构建以知名度为中心的信息安全策略合规模型
4. A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance [C] . Teodor Sommestad, Jonas Hallberg Security and privacy protection in information processing systems . 2013

机译：信息安全政策合规背景下的计划行为理论综述
5. Toward a theory of employee compliance with information security policies: A grounded theory methodology [D] . Sikolia, David Wafula 2013

机译：建立员工遵守信息安全政策的理论：扎根的理论方法
6. An Integrative Behavioral Model of Information Security Policy Compliance [O] . Sang Hoon Kim, Kyung Hoon Yang, Sunyoung Park -1

机译：信息安全策略遵从的集成行为模型
7. A Review of the Theory of Planned Behaviour in the Context of Information Security Policy Compliance [O] . Sommestad, Teodor, Hallberg, Jonas 2013

机译：信息安全政策合规背景下的计划行为理论综述

Review of IS Security Policy Compliance: Toward the Building Blocks of an IS Security Theory

摘要

著录项

相似文献

相关主题

期刊订阅