Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - A Conceptual Model of Virtual Bank IS Security Meta-policy From a Network Perspective
AU - Paul, Smita
AU - Zhu, Ruilin
N1 - Conference code: 20th
PY - 2016/6/27
Y1 - 2016/6/27
N2 - Despite a continued scholarly conversation on Information Systems Security (ISsec) policies and gov-ernance, a perspective that examines these issues at the organisational level has been generally ne-glected. This is of concern as managing ISsec is multi-level in nature for many organisations ranging from the individual level, such as BYOD (Bring Your Own Device) policies, to the strategic level, such as the use of Chief Security Officers (CSOs). This deficiency is also evident for virtual banks as a type of IS (Information System)-led organisation that develop flexible policies due to changing internal and external security environments. In order to focus on the multi-level and flexible nature of ISsec policies of virtual banks, we borrow key concepts from the organisational network perspective to map organisation structure changes through ISsec development phases and shifting meta-policies. The goal of this paper is to develop the theoretical framework and conceptual model needed to examine the multi-level and flexible nature of organisational ISsec policies of virtual banks. We start with build-ing on relevant literature on ISsec meta-policy characteristics and then integrate network concepts from the ARA (actor, resource, activity) framework to map the changing ISsec policies at the individual, meso, and meta-organisational level.
AB - Despite a continued scholarly conversation on Information Systems Security (ISsec) policies and gov-ernance, a perspective that examines these issues at the organisational level has been generally ne-glected. This is of concern as managing ISsec is multi-level in nature for many organisations ranging from the individual level, such as BYOD (Bring Your Own Device) policies, to the strategic level, such as the use of Chief Security Officers (CSOs). This deficiency is also evident for virtual banks as a type of IS (Information System)-led organisation that develop flexible policies due to changing internal and external security environments. In order to focus on the multi-level and flexible nature of ISsec policies of virtual banks, we borrow key concepts from the organisational network perspective to map organisation structure changes through ISsec development phases and shifting meta-policies. The goal of this paper is to develop the theoretical framework and conceptual model needed to examine the multi-level and flexible nature of organisational ISsec policies of virtual banks. We start with build-ing on relevant literature on ISsec meta-policy characteristics and then integrate network concepts from the ARA (actor, resource, activity) framework to map the changing ISsec policies at the individual, meso, and meta-organisational level.
M3 - Conference contribution/Paper
SN - 9789860491029
BT - PACIS 2016 Proceedings
PB - AIS Electronic Library
T2 - Pacific Asia Conference on Information Systems (PACIS)
Y2 - 27 June 2016 through 1 July 2016
ER -