Title: A socio-organisational approach to information systems security risks

Authors: Ioannis V. Koskosas, Ray J. Paul

Addresses: Department of Information Systems and Computing, Brunel University, London, Uxbridge, UB8 3PH, UK. Department of Information Systems and Computing, Brunel University, London, Uxbridge, UB8 3PH, UK

Abstract: The investigation in this paper takes a socio-organisational approach to information systems security management and proposes a framework which illustrates three important issues in the process of security goal setting. These are: trust, culture and risk communication. Three case studies show evidence that there is a chain reaction among these issues with a subsequent effect on the level of security goal setting. Ultimately, the paper identifies the determinants of group commitment within the IT departments of three financial institutions in Greece. This paper also provides a discussion regarding the research methods that were used to obtain the results.

Keywords: trust; culture; risk communication; IS security; goal setting; goal commitment; information systems; Greece.

DOI: 10.1504/IJRAM.2003.003527

International Journal of Risk Assessment and Management, 2003 Vol.4 No.2/3, pp.232 - 244

Published online: 12 Sep 2003
