Title :
Applying double loop learning to interpret implications for information systems security design
Author :
Mattia, Angela ; Dhillon, Gurpreet
Author_Institution :
Virginia Commonwealth Univ., Richmond, VA, USA
Abstract :
The security of information systems (IS) continues to be one of the most serious issues of the twenty-first century. Past research indicates human factors to be the prime reason for IS security breaches. Human factors are repertoires of behavior that evolve from the reasoning and actions that individuals follow. These actions become the ´theories of action´ individuals espouse and their ´theories-in-use´, which are the actions they actually use. We argue that IS security problems occur when an organization´s ´espoused theory´ and their ´theory-in-use´ (what they actually do) are contradictory. It is important, therefore, that human factors be addressed in (IS) security. The current focus on technological methods alone is an incomplete solution. The purpose of this paper is to present double loop learning as a strategy for designing and implementing security actions that bring an organization´s ´espoused theory´ and their ´theory-in-use´ (what they actually do) into congruence . Indeed, by doing so double loop learning is a proactive security method that never becomes outdated.
Keywords :
human factors; information systems; organisational aspects; security of data; IS security; double loop learning; human factors; information systems security design; interpretive perspective; organizations espoused theory; Cognition; Computer crime; Computer hacking; Computer security; Costs; Electronic mail; Human factors; Information security; Information systems; Terrorism;
Conference_Titel :
Systems, Man and Cybernetics, 2003. IEEE International Conference on
Print_ISBN :
0-7803-7952-7
DOI :
10.1109/ICSMC.2003.1244262
