|Keywords:||information security management; sociomateriality; users’ compliance; information security in public organizations; Social Sciences; Media and Communications; Information Systems, Social aspects; Samhällsvetenskap; Medie- och kommunikationsvetenskap; Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning; Masterprogrammet i IT Management; Master's Programme in IT Management|
|Full text PDF:||http://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-101978|
Information security management is now a major concern for any organization regardless of its type, size, or activity field. Having an information security system that ensures theavailability, the confidentiality, and the integrity of information is not an option anymorebut a necessity. Information security management identifies difficulties with user behaviourand compliance that is centralized around policies, perceptions, and practices. In order to address how they affect information security management, these three issues are holistically explored using a sociomaterial framework to engage the understanding of human andnonhuman components. A case study of a university in Sweden was conducted and it was found that despite the sophistication of the IT system, human behaviours are a pertinent component of information security management, and not one that can be ignored.