Genre-Based Approach to Assessing Information and Knowledge Security Risks
| Autor: | Dan Harnesk, Ali Mohammad Padyab, Tero Päivärinta |
|---|---|
| Rok vydání: | 2014 |
| Předmět: |
Knowledge management
Computer science business.industry Standard of Good Practice Information security Security information and event management Computer Science Applications Management Information Systems Knowledge sharing Threat Information security management Information security standards Management of Technology and Innovation Security management business |
| Zdroj: | International Journal of Knowledge Management. 10:13-27 |
| ISSN: | 1548-0658 1548-0666 |
| Popis: | Contemporary methods for assessing information security risks have adopted mainly technical views on information and technology assets. Organizational dynamics of information management and knowledge sharing have gained less attention. This article outlines a new, genre-based, approach to information security risk assessment in order to orientate toward organization- and knowledge-centric identification and analysis of security risks. In order to operationalize the genre-based approach, we suggest the use of a genre-based analytical method for identifying organizational communication patterns through which organizational knowledge is shared. The genre-based method is then complemented with tasks and techniques from a textbook risk assessment method (OCTAVE Allegro). We discuss the initial experiences of three experienced information security professionals who tested the method. The article concludes with implications of the genre-based approach to analyzing information and knowledge security risks for future research and practice. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|