Information security quality assurance : quality information and social perceptions
Date
2020Access restrictions
The author has not given permission to make the work publicly available electronically. Therefore the material can be read only at the archival workstation at Jyväskylä University Library (https://kirjasto.jyu.fi/en/workspaces/facilities).
Copyright
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Understanding formation of corner stones of information security, implementation, state, reasoning and outcomes of actions in reality in organizations operations is vital. Individual perceptions over organizations information security, information security quality, importance and realization of quality information are key components of this research. Each individual within the company have possibility to impact its information security quality with ones actions, competence, awareness and experiences. Identification and understanding information security needs, perceptions and interpretations of individual’s leads researchers towards understanding how information security quality is formed within social system present in organization and its social sub-systems. Regulatory external factors obvious to organizations operating field relevant to information security can fail to appear within organizations strategy that is expected to lead the way. Instead organizational strategy, forced external factors can find other routes into organizations information security operations through forced regulatory activities that have more impact to the real-life information security assessment, assurance and practical actions. Methods of assessment and assurance can deliver quality information for the information security decision-making only if applied correctly and fit for the purpose. Individual interpretation of the data can lead either to biased information or towards quality information. Therefore competence and overall understanding of the information gathering method and the issue at hand is a must when interpreting information. Themed interviews are good method for information security quality assessment within social systems as those provide individuals perceptions of the overall situation and its pros and cons. The chain of administrative controls such as policies, risk management, guidelines and actual interpretation of desired standards can fail to deliver and lead to situations where individual competence and social systems plays major role in organizations information systems security. Good willed competent employees taking self-reliant actions to improve information security in their work and relevant social systems are heroes of the organizations information security implementation and actualization.
...
Metadata
Show full item recordCollections
- Pro gradu -tutkielmat [29561]
Related items
Showing items with similar title or keywords.
-
A Knowledge Interface System for Information and Cyber Security Using Semantic Wiki
Nykänen, Riku; Kärkkäinen, Tommi (Springer International Publishing, 2018)Resilience against information and cyber security threats has become an essential ability for organizations to maintain business continuity. As bulletproof security is an unattainable goal, organizations need to concentrate ... -
Protecting against social engineering attacks in a corporate environment
Ali-Kovero, Jouni (2020)Tämän Pro gradu –tutkielman tarkoitus on tutkia yritysten tapoja suojautua käyttäjän manipulointiin (eng. Social Engineering) pyrkiviltä hyökkäyksiltä. Tutkielma toteutettiin kirjallisuuskatsauksen ja haastatteluihin ... -
Literature review of information security practice survey reports
Yang, Yaping (2018)The author searched reports about enterprises information security prepared by consulting companies in order to understand organizations' security practices. The author then summarized the reports by year, identified topics ... -
Kyberin taskutieto : keskeisin kybermaailmasta jokaiselle
Lönnqvist, Irina; Moilanen, Panu (Jyväskylän yliopisto, 2018) -
Information Security Governance in Civil Aviation
Salmenpää, Tomi (Springer, 2022)This chapter focuses mainly to proactive means in information security and more specifically governance of information security in civil aviation. The reason is that, to find sustainable, coherent and holistic way to ...