Value-Focused Assessment of Information System Security in Organizations

Authors

Gurpreet Dhillon, University of Nevada, Las Vegas
Gholamreza Torkzadeh, University of Nevada, Las Vegas

Abstract

This paper presents findings of an empirical study of information system (IS) security values adhered to by user managers in a cross section of firms in various industries. Using Keeneyís (1999) value-focused thinking approach, 73 managers were interviewed to identify a set of fundamental and means values that are essential in protecting the information resources of a firm. The findings are used to develop a theoretical framework for conceptualizing individual and organizational issues in managing IS security. The proposed framework will be an appropriate underpinning for the development of an instrument for measuring IS security concerns.

Recommended Citation

Dhillon, Gurpreet and Torkzadeh, Gholamreza, "Value-Focused Assessment of Information System Security in Organizations" (2001). ICIS 2001 Proceedings. 72.
https://aisel.aisnet.org/icis2001/72