Why there aren't more information security research studies

被引：151

作者：

Kotulic, AG

Clark, JG

机构：

[1] Univ Texas, Dept Informat Syst, San Antonio, TX 78249 USA

[2] Kent State Univ, Kent, OH 44242 USA

来源：

INFORMATION & MANAGEMENT | 2004年 / 41卷 / 05期

关键词：

security; risk; security risk management; IT strategy;

D O I：

10.1016/j.im.2003.08.001

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Noting a serious lack of empirical research in the area of Security risk management (SRM), we proposed a conceptual model based on the study of SRM at the firm level. Although considerable time and effort were expended in attempting to validate the usefulness of the proposed model, we were not successful. We provide here a description of our conceptual model, the methodology designed to test this model, the problems we faced while attempting to test the model, and our suggestions for those who attempt to conduct work in highly sensitive areas. (C) 2003 Elsevier B.V All rights reserved.

引用

页码：597 / 607

页数：11

共 73 条

[61] Coping with systems risk: Security planning models for management decision making [J].

Straub, DW ;

Welke, RJ .

MIS QUARTERLY, 1998, 22 (04) :441-469

[62] MEASUREMENT - A BLUEPRINT FOR THEORY-BUILDING IN MIS [J].

SUBRAMANIAN, A ;

NILAKANTA, S .

INFORMATION & MANAGEMENT, 1994, 26 (01) :13-20

[63]

Suh K., 1994, Information Resources Management Journal (IRMJ), V7, P30, DOI [10.4018/irmj.1994100103, DOI 10.4018/IRMJ.1994100103]

[64]

Tabachnick B.G., 2010, Using multivariate statistics

[65]

Thompson J.D., 2011, Organizations in action: Social science bases of administrative theory

[66]

Tipton H., 1994, Computer Security Journal, V10, P59

[67] ORGANIZATIONAL SURVEY NONRESPONSE [J].

TOMASKOVICDEVEY, D ;

LEITER, J ;

THOMPSON, S .

ADMINISTRATIVE SCIENCE QUARTERLY, 1994, 39 (03) :439-457

[68]

TROY EG, 1995, RISK MANAGEMENT, V42, P71

[69]

VENKATRAMAN N, 1994, SLOAN MANAGE REV, V35, P73

[70]

VENKATRAMAN N, 1989, ACAD MANAGE REV, V14, P432

← 1 2 3 4 5 6 7 8 →