dc.contributor.author |
Hassandoust, Farkhondeh |
|
dc.contributor.author |
Johnston, Allen C |
|
dc.date.accessioned |
2023-12-07T00:01:27Z |
|
dc.date.available |
2023-12-07T00:01:27Z |
|
dc.date.issued |
2023-09 |
|
dc.identifier.citation |
(2023). Information Systems Journal: an international journal promoting the study and practice of information systems, 33(5), 1212-1238. |
|
dc.identifier.issn |
1350-1917 |
|
dc.identifier.uri |
https://hdl.handle.net/2292/66832 |
|
dc.description.abstract |
To improve organisational safety and enhance security efficiency, organisations seek to establish a culture of security that provides a foundation for how employees should approach security. There are several frameworks and models that provide a set of requirements for forming security cultures; however, for many organisations, the requirements of the frameworks are difficult to meet, if not impossible. In this research, we take a different perspective and focus on the core underlying competencies that high‐reliability organisations (HROs) have shown to be effective in achieving levels of risk tolerance consistent with the goals of a security culture. In doing so we draw on high‐reliability theory to develop a Security Culture Model that explains how a firm's supportive and practical competencies form its organisational security culture. To refine and test the model, we conducted a developmental mixed‐method study using interviews and survey data with professional managers involved in the information security (InfoSec) programs within their respective HROs. Our findings emphasise the importance of an organisation's supportive and practical competencies for developing a culture of security. Our results suggest that organisations' security cultures are a product of their InfoSec practices and that organisational mindfulness, top management involvement and organisational structure are key to the development of those practices. |
|
dc.language |
en |
|
dc.publisher |
Wiley |
|
dc.relation.ispartofseries |
Information Systems Journal |
|
dc.rights |
Items in ResearchSpace are protected by copyright, with all rights reserved, unless otherwise indicated. Previously published items are made available in accordance with the copyright policy of the publisher. |
|
dc.rights.uri |
https://researchspace.auckland.ac.nz/docs/uoa-docs/rights.htm |
|
dc.rights.uri |
https://creativecommons.org/licenses/by/4.0/ |
|
dc.subject |
46 Information and Computing Sciences |
|
dc.subject |
3505 Human Resources and Industrial Relations |
|
dc.subject |
35 Commerce, Management, Tourism and Services |
|
dc.subject |
3507 Strategy, Management and Organisational Behaviour |
|
dc.subject |
Science & Technology |
|
dc.subject |
Technology |
|
dc.subject |
Information Science & Library Science |
|
dc.subject |
high-reliability organisation |
|
dc.subject |
high-reliability theory |
|
dc.subject |
information security practices |
|
dc.subject |
organisational competencies |
|
dc.subject |
organisational mindfulness |
|
dc.subject |
security culture |
|
dc.subject |
MIXED-METHODS RESEARCH |
|
dc.subject |
SUPPLY CHAIN SECURITY |
|
dc.subject |
INFORMATION SECURITY |
|
dc.subject |
PLS-SEM |
|
dc.subject |
MINDFULNESS |
|
dc.subject |
MANAGEMENT |
|
dc.subject |
GUIDELINES |
|
dc.subject |
SYSTEMS |
|
dc.subject |
SAFETY |
|
dc.subject |
EXTENSION |
|
dc.subject |
0806 Information Systems |
|
dc.subject |
1503 Business and Management |
|
dc.subject |
3503 Business systems in context |
|
dc.subject |
4609 Information systems |
|
dc.title |
Peering through the lens of high‐reliability theory: A competencies driven security culture model of high‐reliability organisations |
|
dc.type |
Journal Article |
|
dc.identifier.doi |
10.1111/isj.12441 |
|
pubs.issue |
5 |
|
pubs.begin-page |
1212 |
|
pubs.volume |
33 |
|
dc.date.updated |
2023-11-22T23:02:38Z |
|
dc.rights.holder |
Copyright: The authors |
en |
pubs.end-page |
1238 |
|
pubs.publication-status |
Published |
|
dc.rights.accessrights |
http://purl.org/eprint/accessRights/OpenAccess |
en |
pubs.subtype |
Article |
|
pubs.subtype |
Journal |
|
pubs.elements-id |
995138 |
|
dc.identifier.eissn |
1365-2575 |
|
pubs.record-created-at-source-date |
2023-11-23 |
|
pubs.online-publication-date |
2023-05-17 |
|