| Περίληψη: | Purpose – The purpose of this paper is to study the way information systems (IS) security
researchers approach information security awareness and examine whether these approaches are
consistent with the organization theory and IS approaches for the study of organizational processes.
Design/methodology/approach – Open coding analysis was performed on selected publications
(articles, surveys, standards, and reports). The chosen publications were classified and the
classification results are presented, based on a proposed typology.
Findings – The proposed typology allows us to identify different types of research models followed
by security researchers and practitioners, and to infer a set of practical implications, for the benefit
of those interested in empirically studying information security awareness.
Research limitations/implications – The paper represents a pilot survey, performed in a selected
number of publications.
Practical implications – The paper helps researchers and practitioners to distinguish the research
models that can be adopted for the study of information security awareness organizational process, by
identifying the key dimensions along which they differ.
Originality/value – The proposed typology provides a guide to identify the range of options
available to researchers and practitioners when they design their work regarding the security
awareness topic. Moreover, it can facilitate the communication between scholars in the field of
security awareness. |
|---|
English