Information security consciousness (also cited in literature as awareness) is referred to the condition in which information systems users (end-users principally) in an organisation are well informed, prepared to – and committed – the security issues concerning the use of those systems. In adherence to Mathieson’s thought about the use of Information Systems (IS) information security consciousness is, within that view, of fundamental importance. It is foreseen by a number of studies that a higher level of consciousness should significantly reduce user related faults and maximize the overall information system. The motivation of different organisational levels, e.g., to comply with information security policies and procedures is an activity that falls into the content category. Technology Acceptance Model (TAM) of Davis and the Theory of Planned Behaviour of Ajzen are taken into account. It is suggested that the persuasion strategy should start from communication of reasons and explanations, providing answers about rules and security procedures.
Cavallari, M., Information Systems Security and End-User Consciousness - A Strategic Matter, in D'Atri, A., De Marco, M., Braccini, A. (ed.), Management of the Interconnected World, Springer, Heidelberg 2010: <<Physica Verlag>>, 261- 268. 10.1007/978-3-7908-2404-9_29 [http://hdl.handle.net/10807/21597]
Information Systems Security and End-User Consciousness - A Strategic Matter
Cavallari, Maurizio
2010
Abstract
Information security consciousness (also cited in literature as awareness) is referred to the condition in which information systems users (end-users principally) in an organisation are well informed, prepared to – and committed – the security issues concerning the use of those systems. In adherence to Mathieson’s thought about the use of Information Systems (IS) information security consciousness is, within that view, of fundamental importance. It is foreseen by a number of studies that a higher level of consciousness should significantly reduce user related faults and maximize the overall information system. The motivation of different organisational levels, e.g., to comply with information security policies and procedures is an activity that falls into the content category. Technology Acceptance Model (TAM) of Davis and the Theory of Planned Behaviour of Ajzen are taken into account. It is suggested that the persuasion strategy should start from communication of reasons and explanations, providing answers about rules and security procedures.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
