Ambiguity as a Barrier to Information Security Policy Compliance: A Content Analysis

被引:0
|
作者
Buthelezi, Mokateko Portia [1 ]
Van der Poll, John Andrew [1 ]
Ochola, Elisha Oketch [1 ]
机构
[1] Univ South Africal, Florida, South Africa
来源
2016 INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE & COMPUTATIONAL INTELLIGENCE (CSCI) | 2016年
关键词
Policy ambiguity; Usable security; Policy clarity; Policy human aspects; Security policy compliance; MANAGEMENT; FRAMEWORK;
D O I
10.1109/CSCI.2016.253
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Institutions use the information security (InfoSec) policy document as a set of rules and guidelines to govern the use of the institutional information resources. However, a common problem is that these policies are often not followed or complied with. This study explores the extent to which the problem lies with the policy documents themselves. The InfoSec policies are documented in the natural languages, which are prone to ambiguity and misinterpretation. Subsequently such policies may be ambiguous, thereby making it hard, if not impossible for users to comply with. A case study approach with a content analysis was conducted. The research explores the extent of the problem by using a case study of an educational institution in South Africa.
引用
收藏
页码:1360 / 1367
页数:8
相关论文
共 50 条
  • [1] Information Security Policy Compliance: The Role of Information Security Awareness
    AL-Omari, Ahmad
    El-Gayar, Omar
    Deokar, Amit
    [J]. AMCIS 2012 PROCEEDINGS, 2012,
  • [2] Internalization of Information Security Policy and Information Security Practice: A Comparison with Compliance
    Park, Minjung
    Chai, Sangmi
    [J]. PROCEEDINGS OF THE 51ST ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), 2018, : 4723 - 4731
  • [3] A Conceptual Analysis about the Organizational Impact of Compliance on Information Security Policy
    Cavallari, Maurizio
    [J]. EXPLORING SERVICES SCIENCE, 2012, 103 : 101 - 114
  • [4] Automating Information Security Policy Compliance Checking
    Mandal, Debashis
    Mazumdar, Chandan
    [J]. PROCEEDINGS OF 2018 FIFTH INTERNATIONAL CONFERENCE ON EMERGING APPLICATIONS OF INFORMATION TECHNOLOGY (EAIT), 2018,
  • [5] Information Security Policy Compliance: Leadership and Trust
    Paliszkiewicz, Joanna
    [J]. JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2019, 59 (03) : 211 - 217
  • [6] Information security policy compliance model in organizations
    Safa, Nader Sohrabi
    Von Solms, Rossouw
    Furnell, Steven
    [J]. COMPUTERS & SECURITY, 2016, 56 : 70 - 82
  • [7] Issues and Trends in Information Security Policy Compliance
    Bhaharin, Surayahani Hasnul
    Mokhtar, Umi Asma
    Sulaiman, Rossilawati
    Yusof, Maryati Mohd
    [J]. 2019 6TH INTERNATIONAL CONFERENCE ON RESEARCH AND INNOVATION IN INFORMATION SYSTEMS: EMPOWERING DIGITAL INNOVATION (ICRIIS 2019), 2019,
  • [8] The role of norms in information security policy compliance
    Wiafe, Isaac
    Koranteng, Felix Nti
    Wiafe, Abigail
    Obeng, Emmanuel Nyarko
    Yaokumah, Winfred
    [J]. INFORMATION AND COMPUTER SECURITY, 2020, 28 (05) : 743 - 761
  • [9] Psychological Capital and Information Security Policy Compliance
    Zhao, Jiaqing
    Hong, Yuxiang
    Chen, Wenqing
    Chen, Chouyong
    [J]. JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2024,
  • [10] Predictors of Success in Information Security Policy Compliance
    Nord, Jeretta
    Sargent, Carol Springer
    Koohang, Alex
    Marotta, Angelica
    [J]. JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2022, 62 (04) : 863 - 873
12345