Change search
ReferencesLink to record
Permanent link

Direct link
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
2013 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

The importance of information Security Knowledge Transfer in general, and specifically information security awareness training for overall security in organizations, makes factors benefitting information security knowledge transfer processes in the organization an important area for study. This has previously been explored in case studies but not tested in a quantitative way. This thesis investigates how Security Knowledge Transfer is affected by the factors of Organizational Structure, Business-based Information Security and Information Security Processes. After initial analysis, the Information Security Processes construct was divided into three different constructs: Performance Monitoring, Risk Assessment and Holistic Structure of Information Security. Holistic Structure of Information Security is a state in which structures with the purpose of coordinating information security across the organization exist. Both Holistic Structure of Information Security and Performance Monitoring were shown to have positive effects on Security Knowledge Transfer, however, Holistic Structure of Information Security had a relatively large effect, while Performance Monitoring had a relatively small effect. The effect of Holistic Structure of Information Security is due to that knowledge transfer in general is enabled by organizational structures. Performance Monitoring’s effect can be attributed to its property as a way to signal the importance of information security from top management to the rest of the organization and therefore act to motivate Security Knowledge Transfer among organizational members.  That two hypotheses were not supported means that two of the constructs have no direct effect on Security Knowledge Transfer. This is probably due to that one or more of the constructs that were shown to directly affect Security Knowledge Transfer mediates the effect of these constructs. To test this is left for further research.

Place, publisher, year, edition, pages
2013. , 30 p.
EES Examensarbete / Master Thesis, XR-EE-ICS 2013:014
Keyword [en]
Business-based Information Security, Security Knowledge Transfer, Organizational Structure, Information Security Processes, IT Governance
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
URN: urn:nbn:se:kth:diva-138620OAI: diva2:681663
Educational program
Master of Science in Engineering - Computer Science and Technology
Available from: 2014-01-23 Created: 2013-12-20 Last updated: 2014-01-23Bibliographically approved

Open Access in DiVA

No full text

Search in DiVA

By author/editor
Antonsen, Egil
By organisation
Industrial Information and Control Systems
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 167 hits
ReferencesLink to record
Permanent link

Direct link