To read the full version of this content please select one of the options below:

Process‐variance models in information security awareness research

Aggeliki Tsohou (Department of Information and Communication Systems Engineering, University of the Aegean, Karlovasi, Samos, Greece)
Spyros Kokolakis (Department of Information and Communication Systems Engineering, University of the Aegean, Karlovasi, Samos, Greece)
Maria Karyda (Department of Information and Communication Systems Engineering, University of the Aegean, Karlovasi, Samos, Greece)
Evangelos Kiountouzis (Department of Informatics, Athens University of Economics and Business, Athens, Greece)

Information Management & Computer Security

ISSN: 0968-5227

Publication date: 18 July 2008

Abstract

Purpose

The purpose of this paper is to study the way information systems (IS) security researchers approach information security awareness and examine whether these approaches are consistent with the organization theory and IS approaches for the study of organizational processes.

Design/methodology/approach

Open coding analysis was performed on selected publications (articles, surveys, standards, and reports). The chosen publications were classified and the classification results are presented, based on a proposed typology.

Findings

The proposed typology allows us to identify different types of research models followed by security researchers and practitioners, and to infer a set of practical implications, for the benefit of those interested in empirically studying information security awareness.

Research limitations/implications

The paper represents a pilot survey, performed in a selected number of publications.

Practical implications

The paper helps researchers and practitioners to distinguish the research models that can be adopted for the study of information security awareness organizational process, by identifying the key dimensions along which they differ.

Originality/value

The proposed typology provides a guide to identify the range of options available to researchers and practitioners when they design their work regarding the security awareness topic. Moreover, it can facilitate the communication between scholars in the field of security awareness.

Keywords

Citation

Tsohou, A., Kokolakis, S., Karyda, M. and Kiountouzis, E. (2008), "Process‐variance models in information security awareness research", Information Management & Computer Security, Vol. 16 No. 3, pp. 271-287. https://doi.org/10.1108/09685220810893216

Publisher

:

Emerald Group Publishing Limited

Copyright © 2008, Emerald Group Publishing Limited