The motivation of the current paper is the search for responses about decision making in both context, computer and non-computer scenarios, thus whether no difference shall be found, the large behavioural literature on non-computer decision making can be used to interpret security issues. The effort is then devoted to identify a set of organisational literature contribution to emerging forms of organisations and behaviours with respect to the human factor and security problems. While many authors propose a top-down view of organisational/policy-directed security the proposition of this paper is a bottom-up analysis, addressed to the end-user as a member of the organisation and moreover of its culture. As the results of the work, a threefold set of theoretical frameworks has been identified, leading to a robust conceptual base: the “Contingency Model of Strategic Risk Taking” of Baird; the “Strategic modeling technique for information security risk assessment” of Misra, and a major contribution of Ciborra’s work.
Cavallari, M., Human computer interaction and systems security - an organisational appraisal, in De Marco, M., Nunzio Casalin, N. C. (ed.), Interdisciplinary Aspects of Information Systems Studies, Springer, Heidelberg 2008: 261- 268. 10.1007/978-3-7908-2010-2_32 [http://hdl.handle.net/10807/21603]
Human computer interaction and systems security - an organisational appraisal
Cavallari, Maurizio
2008
Abstract
The motivation of the current paper is the search for responses about decision making in both context, computer and non-computer scenarios, thus whether no difference shall be found, the large behavioural literature on non-computer decision making can be used to interpret security issues. The effort is then devoted to identify a set of organisational literature contribution to emerging forms of organisations and behaviours with respect to the human factor and security problems. While many authors propose a top-down view of organisational/policy-directed security the proposition of this paper is a bottom-up analysis, addressed to the end-user as a member of the organisation and moreover of its culture. As the results of the work, a threefold set of theoretical frameworks has been identified, leading to a robust conceptual base: the “Contingency Model of Strategic Risk Taking” of Baird; the “Strategic modeling technique for information security risk assessment” of Misra, and a major contribution of Ciborra’s work.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
