| Background and Rationale (2008) | |||||||||||||||
Abstract | |||||||||||||||
| While there is an overwhelming amount of literature that recognises the need for organisations to create a security culture in order to effectively manage security, little is known about how to create a good security culture or even what constitutes a good security culture. In this paper, we report on one of two case studies performed to examine how security governance influences security culture and in particular, the sense of responsibility and ownership of security. The results indicate that although the structural and functional mechanisms in security governance are influencing factors, it is the extent of social participation that may be the major contributing component in security governance that influences the levels of responsibility and sense of ownership that IT security personnel have over the management of security within an organisation. | |||||||||||||||
Publication details | |||||||||||||||
| |||||||||||||||