A preliminary study to determine the role of organizational knowledge in computer security

Gururajan, Raj and Thompson, Alan (2004) A preliminary study to determine the role of organizational knowledge in computer security. In: ACIS 2004: Managing New Wave Information Systems: Enterprise, Government and Society, 1-3 Dec 2004, Hobart, Australia.


Prior studies indicate that the application of organisational knowledge in computer security has potential benefits. Despite this, it appears that many organisations engage external consultants to develop their computer security policies. It appears that prior studies while supporting the concept of external security consultants to some extent in organisations, also question the effectiveness of such external expertise in terms of performance in computer security. This study examined the role of organisational knowledge in the management of computer security in organisations. A conceptual model based on Rivard et al (1997) was developed with seven constructs. An instrument with 30 questions was prepared and 19 organisations with security procedures were surveyed. The results indicate that there is a negative correlation between external knowledge and the use of policies and procedures, indicating that these policies are not well integrated with the requirements of organisations. Further, the outcome of the study also indicates that organisations are satisfied with the use explicit knowledge available in organisations for the development of computer security policies. In essence, this study concluded that currently the organisational knowledge has a limited role in computer security.

Statistics for USQ ePrint 11596
Statistics for this ePrint Item
Item Type: Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)
Refereed: Yes
Item Status: Live Archive
Additional Information: Paper no. 7
Faculty / Department / School: Historic - Faculty of Business - Department of Information Systems
Date Deposited: 30 Nov 2007 11:55
Last Modified: 13 Mar 2018 02:33
Uncontrolled Keywords: computer security; knowledge management; standards
Fields of Research : 15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150301 Business Information Management (incl. Records, Knowledge and Information Management, and Intelligence)
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
08 Information and Computing Sciences > 0806 Information Systems > 080608 Information Systems Development Methodologies
Socio-Economic Objective: E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences
URI: http://eprints.usq.edu.au/id/eprint/11596

Actions (login required)

View Item Archive Repository Staff Only